phillips321

Penetration Tester and Linux fanboy!

oclHashcat-plus 0.07 vs 0.08 speed 6950 2gb kubuntu 11.10

Published May 1, 2012 | By phillips321

So today oclHashcat-plus-0.08 was released by atom.

As I like to play with oclHashcat I thought it would be a good idea to update, but this also meant that I would have to update to the catalyst 12.04 drivers.

Before doing this it made sense to run a speed test using the scripts provided on thepasswordproject.com.

Before running these tests it’s important to ensure that your fans are… Continue reading →

Posted in Uncategorized | Tagged aticonfig, catalyst, fanspeed, hashcat, oclhashcat, temperature, thepasswordproject, ubuntu | 1 Comment

CVE-2012-1844 Default system username and password – now disclosed

Published May 1, 2012 | By phillips321

So on a recent test I found a few devices, one was a Qunatum Scalar i500 and the other was an IBM TS3310, both are tape libraries.

CVE-2012-1844 states the following: The Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100) and the IBM TS3310 tape library with firmware before R6C (606G.GS001), uses default passwords for… Continue reading →

Posted in Linux, Networking | Tagged /etc/passwd, cve, cve-2012-1841, cve-2012-1844, dell, i500, ibm, ilinkacc, ml6000, quantum, scalar, service, ts3310 | 2 Comments

oclHashcat Examples of lots of different hash types

Published April 11, 2012 | By phillips321

So you’ve got oclHashcat and you want to practice cracking hashes but you’ve got no hashes? Fear not! There are hashes listed below for you to play with or if you would like to generate hashes yourself download my perl module here and have a play with making them and then cracking yourself: svn checkout http://hashcat-passgen.googlecode.com/svn/trunk/ hashcat-passgen Direct link to code here. (Big thanks to atom at hashcat.net for giving… Continue reading →

Posted in Uncategorized | Tagged 11g, base64, hash, hashcat, lm, md4, md5, mscash, mssql, mysql, ntlm, oclhashcat, sha1, sha256, wpa, wpa2 | 6 Comments

Creating Thumbnails for the Synology DiskStation PhotoStation

Published April 8, 2012 | By phillips321

UPDATE: If you’re on a Mac I suggest you use this python script instead.

The Synology Diskstation(DS) devices have a Photo Station application that creates a web based album of folders in your /photos folder.

The DS creates thumbnails for these photos when they are uploaded to the NAS. Unfortunately these devices are using slow low power processors so converting the photos takes some time. Each photo has 5… Continue reading →

Posted in Uncategorized | Tagged 211j, convert, DiskStation, ds, photo, PhotoStation, station, Synology, Thumbnails | Leave a comment

Cracking an MD5 of an IP address

Published April 4, 2012 | By phillips321

So I noticed whilst web app testing that would receive a cookie with a value called bIPs: 709aed354747fda133a5da28dbed60e7 95eb48ad7eae5c0aa9766f0258ae8a35

Looks like it’s using a big IP load balancer. I noticed it was MD5 and that was confirmed by finding the code that generates the hash(cheers scriptmonkey).

I decided to use Hashcat to do the bruteforcing. First thing that came to mind was how to use a dictionary containing… Continue reading →

Posted in Uncategorized | Tagged address, hashcat, ip, md5, ocl-hashcat | 12 Comments

phillips321.co.uk

pen testing, security and linux

oclHashcat-plus 0.07 vs 0.08 speed 6950 2gb kubuntu 11.10

CVE-2012-1844 Default system username and password – now disclosed

oclHashcat Examples of lots of different hash types

Creating Thumbnails for the Synology DiskStation PhotoStation

Cracking an MD5 of an IP address

Recent Posts

Meta

Links