Comments for Information Systems Auditing

Comment on Security Tools by Stand-Alone Tools and Utilities at Information Systems Auditing

Stand-Alone Tools and Utilities at Information Systems Auditing — Wed, 01 Sep 2010 00:31:45 +0000

[...] you need when you connect to the auditee’s network. I’ve made changes to the Security Tools page to highlight which tools are stand-alone and do not require installation. Also for reference [...]

Comment on John the Ripper w/ Jumbo Patch (Updated for 1.7.5) by admin

admin — Thu, 03 Jun 2010 20:59:02 +0000

Andy,

I’ve recently upgraded to Ubuntu 10.04 and I will try to get John patched, installed, and update the tutorial. If I encounter any problems myself I will let you know.

-James

Update 1: I’m getting the same error as you and I’m using the latest OpenSSL and John stable source code.

Update 2: I still want to figure out why installing openssl from source is causing a problem but if this will help you I got John to compile when I installed libssl-dev from the Ubuntu repositories (0.9.8k).

Final Update: I’ve had the chance to figure out why John wasn’t finding the openssl headers when they were installed from source. The latest openssl installs the headers in /usr/local/ssl/include/openssl and the John make file only looks in /usr/local/include and /usr/local/lib. I created a symlink (#ln -s /usr/local/ssl/include/openssl /usr/local/include/openssl). You can also specify where openssl will be installed when you configure before compiling.

Comment on John the Ripper w/ Jumbo Patch (Updated for 1.7.5) by Andy

Andy — Mon, 31 May 2010 13:52:03 +0000

Hi there, this may seem a little old to asking questions but i’m also having probs on my John build after patching.

I also have openssl installed (from scratch) and updated my path on ubuntu 10.04 to /usr/local/ssl/bin/openssl

then did a ldconfig

XSHA_fmt.c:7:25: error: openssl/sha.h: No such file or directory
XSHA_fmt.c:43: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘ctx’

but I still get the error after I try to build

any suggestions?

Comment on SQLNINJA: SQL Injection by icesurfer

icesurfer — Mon, 10 May 2010 12:47:29 +0000

The black screen is usually due to SQL Server running as ‘Network Service’ instead of ‘SYSTEM’. You can use Churrasco.exe (shipped with sqlninja-0.2.5) to attempt a privilege escalation. Otherwise, wait for sqlninja-0.2.6 which should feature privilege escalation through kitrap0d
–
icesurfer

Comment on Configuration Tutorials by Updated Linux Laptop configuration for Auditors at Information Systems Auditing

Updated Linux Laptop configuration for Auditors at Information Systems Auditing — Wed, 10 Mar 2010 16:19:00 +0000

[...] at version 9.10 (Karmic Koala). The specific brand I use is the Netbook Remix. See the Configuration Tutorials to download the latest pdf [...]

Comment on John the Ripper w/ Jumbo Patch (Updated for 1.7.5) by SH

SH — Wed, 25 Nov 2009 17:21:20 +0000

I was using RHEL 4 U4. Thank you so much for pointing out the fact I was missing the openssl-devel. After installing that it worked just fine. Boy do I feel dumb.

Happy thanksgiving and thanks for the quick reply!

Comment on John the Ripper w/ Jumbo Patch (Updated for 1.7.5) by James

James — Wed, 25 Nov 2009 16:00:29 +0000

What OS are you using and how did you install openssl? I ask about how you installed openssl because if it was as an OS package you would need the lib-dev version of the package. If you installed openssl from source like I’ve described above you may need to run ldconfig and make sure that the path to your libraries is updated. The openssl library may be installed in /usr/local/lib and not be in the library path.

If you are looking for the functionality of cracking MS-Cache passwords you can try myjohn.tgz which has been floating around the Internet. It can be downloaded from my site and is already pre-patched for MS-Cache passwords. Try all these things and let me know how it goes.

Download myjohn.tgz from http://www.jedge.com/utilities/myjohn.tgz

Comment on John the Ripper w/ Jumbo Patch (Updated for 1.7.5) by SH

SH — Wed, 25 Nov 2009 15:45:22 +0000

I am not having any luck with the “make” part after I patch the JTR source. I keep getting errors during the XSHA make part (or if I remove it from the make statement other sections that got patched in)

Any ideas?

gcc -c -Wall -O2 -fomit-frame-pointer -I/usr/local/include -L/usr/local/lib -funroll-loops XSHA_fmt.c
XSHA_fmt.c:7:25: openssl/sha.h: No such file or directory
XSHA_fmt.c:43: error: syntax error before “ctx”
XSHA_fmt.c:43: warning: type defaults to `int’ in declaration of `ctx’
XSHA_fmt.c:43: warning: data definition has no type or storage class
XSHA_fmt.c: In function `crypt_all’:

I have openssl installed (I double checked)

Comment on Windows Password Cache by admin

admin — Mon, 16 Nov 2009 13:29:12 +0000

R Duff,

LC4 can be used to run a dictionary attack against Lan Manager hashes obtained by PWDumpX. However, this is not practical anymore with the advent of Rainbowcrack and a Rainbowtable. Also LC4 does not do MS Cache passwords. Cain & Abel does everything LC4 can do and a whole lot more. I will update my post to include a simple perl script to convert PWDumpX Cache dumps to make them suitable for use in Cain.

-jedge

Comment on Windows Password Cache by R Duff

R Duff — Sat, 14 Nov 2009 19:21:12 +0000

Can LC4 be used to crack the password hash output from PWdumpX?