When performing an app test I kept getting temporarily redirected to an auth page that was HTTPS and then directed back to the page I came from. This was frustrating as I was using Burp Suite and I kept getting the certificate error message.

I only used this VM for app testing so decided to stop Internet Explorer from nagging me about certificate errors.

Open regedit and navigate to the following…

We need to capture the WPA 4-way handshake in order to perform an offline GPU attack. For this demo we’ll be using an Alfa AWUS036H wireless card under BackTrack 5 R2 64-bit.

Now I could go in depth about capturing the WPA handshake manually using aircrack-ng, but it has been covered in full in many places already, so instead I’m going to use a great Python tool call…

The tool we’re going to use here is hashcat. I’ll be testing this using an ATI 6950 2GB GPU running on Kubuntu 64-bit using Catalyst drivers 12.2. Your mileage might vary depending on what card you’re using. Hashcat (now known as oclhashcat-plus) comes with a few different binaries depending on what architecture you’ll be running it on.

So you’ve got a hash and you want to crack it. We’ve already covered a quick way to get to a Windows password here, but in that example we simply used John the Ripper to crack the password… but what if John is taking ages? Step in rainbow tables.

I won’t go into detail of what rainbow tables are as they are already well documented on the web but as…

Just downloaded and started playing with BackTrack 5 R2 but there are still plenty of tools missing; you would have thought they would have taken a look at my script and added most of the bits I have fixed in my script… what do they do with their time???

Anyway, until I update the bt5-fixit.sh script to work with BT5r2 I have quickly put together a list of my…