Commit 2a71c371 authored by Cédric Tissières

3.7.0 release

*.[oa]
*~
.depend
Makefile
aclocal.m4
autom4te.cache/
config.h
config.h.in
config.log
config.status
configure
win32
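Review bot: The ignore list covers `configure`, `aclocal.m4` and `config.h.in`, yet the README added in this same commit tells Linux users to build with `./configure`, and `Makefile.in` lists all three in `DISTFILES`. If these generated files are not committed, a fresh checkout cannot follow the README as written; either track them or document the `autoconf` and `autoheader` step needed to regenerate them.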
philippe.oechslin at objectif-securite.ch
cedric.tissieres at objectif-securite.ch
bertrand.mesot at objectif-securite.ch
v 3.7.0 - (feature) better preloading strategy
- (feature) Compilation chain refactored
- (feature) improved cracking speed in case of mixed preloading (memory & disk)
- (fix) removed non-working pwdump6 related functions
- (fix) correct memory calculation on windows
v 3.6.1 - (fix) compatibility with openssl 1.1.0
v 3.6.0 - (fix) rewrite of probabilistic support
- (feature) new preload policy (priority on index + bin)
- (fix) Debian patches applied (FreeBSD)
v 3.5.0 - (feature) support of probabilistic tables
v 3.4.1 - (feature) new vista_specialxl support
v 3.4.0 - (feature) new lm_flash tables support
- (feature) new vista_eightxl support
- (feature) dump of the password with samdump2 on a live
system to avoid code injection
- (fix) support of special characters in usernames
- (fix) bug in file output (thanks to pkasza)
v 3.3.1 - (feature) possibility to export to a specific CSV in cmd-line
- (fix) int overflow on 32 bits platforms
- (fix) default share name modified for pwdump
- (fix) hide username in CSV output
v 3.3.0 - (feature) new vista_seven tables support
- (feature) tables size verification
- (feature) switch to control the preloading
- (fix) bug fix to avoid division by zero with unknown table
- (fix) LARGEFILE flags set in the Makefile explicitely
- (fix) memory leak in regex
- (fix) small fixes in configure (thanks to Adam Miller)
v 3.2.1 - (feature) new vista_num tables support
- (feature) Qt and Qwt upgraded
- (fix) 2GB limitation removed on 32-bits architectures
- (fix) Windows memory detection overflow
v 3.2.0 - (feature) new vista_eight tables support
- (feature) graphs display with libqwt
- (feature) audit mode (no sensitive info displayed)
- (feature) export to CSV (not possible to load back)
- (fix) integer overflow with big tables
- (fix) calculation of cmin and cmax with long chains
v 3.1.0 - (feature) new vista_nine tables support
- (feature) usernames can be hidden
- (feature) bruteforce is much faster now
- (feature) platform detection in configure
- (feature) pwdump6 updated to 1.7.2
- (fix) code improved on Solaris (thanks to Jens Elkner)
- (fix) code improved on Mac OS X (thanks to Cedric Luethi)
- (fix) SSL detection improved
- (fix) list functions renamed
v 3.0.1 - (fix) bug in configure for qmake > 4.3
- (feature) Support for mac os x (--enable-osx in configure)
- (fix) Various minor fixes related to Mac OS X compilation
v 3.0 - (feature) multithreading
- (feature) bruteforce
- (feature) command line version
- (feature) GUI in Qt
- (feature) support of simultaneous tables sets
- (feature) session saving
- (feature) new vista tables
- (feature) lots of new other features...
v 2.4.1 - (fix) bug in loading SAM and SYSTEM on Unix
- (feature) windows dir is given in argument on the LiveCD
v 2.4 - (feature) crack accented characters that map to ASCII
- (feature) shortcut to delete hashes (delete key)
- (feature) case insensitivity for loading SAM and SYSTEM on Unix
- (feature) remote files in file dialog
- (fix) bug in save file
v 2.3.4 - (feature) Vista support
- (feature) bkhive 1.1.0 (see its own Changelog)
- (feature) samdump2 1.1.0 (see its own Changelog)
- (feature) support for cracking german LM hashes
- (feature) easier to change tables on the livecd
- (fix) problems in counting cracked/non-cracked hashes
- (fix) tables configuration file
v 2.3.3 - (feature) bkhive2 instead of bkhive (more stable)
- (feature) auto-save last tables used
- (fix) error message when no tables found
v 2.3.2 - (fix) bug in bkhive (thanks to Louis Schlesinger)
- (fix) bug in pwdump6 when launched locally (thanks to Fizzgig)
- (fix) bug in display when pre-loading table
- (fix) patch for FreeBSD and Mac OS X
v 2.3.1 - (feature) fit screen if the resolution is too small
- (fix) livecd bug
- (fix) performance improvement in make_redux.c
v 2.3 - (feature) support for cracking of NTLM hashes ( length<6: alphanum
+33 special chars / length=7: alphanum (lowercase + uppercase) /
length=8: alphanum (lowercase only))
- (feature) auto-detection of tables type
- (feature) preload of the tables with Windows (makes the
cracking process much faster)
- (feature) support of pwdump6 instead of pwdump2/pwdump4 to avoid
LSASS crash (Win32 only)
- (feature) replacement of the binary search by a linear search
- (feature) support of Mac OS X (Intel CPU only) thanks to Cedric Luthi
- (feature) status bar is more explicit than before
- (feature) help menu added
- (fix) configure script improved (thanks to Cedric Luthi)
- (fix) loading files containing many hashes are better handled
- (fix) some memory leaks fixed
- (fix) handling of special characters in username improved
- (fix) few smaller bugs
v 2.2 - (feature) support of the new table set (alphanum + 33 special
chars - WS-20k)
- (feature) easier configuration for the table set (tables.cfg)
- (feature) automatic definition of the number of tables to use
at the same time (batch_tables) by queriying the system for the
size of the memory
- (feature) speed-up in tables reading
- (feature) cleaning of the memory to make place for table
readahead (linux version only)
- (feature) improved installer for windows version
- (fix) change of the default share for pwdump4 (ADMIN$)
v 2.1 - (feature) tables button for changing the tables parameters
- (feature) add single hash function
- (feature) delete single hash function
- (feature) change of the Load menu (linux version especially)
- (feature) tables readahead (linux version only)
- (fix) close the files when stop toggled
- (fix) handles directories with spaces in their name for SAM location
v 2.0 - added GTK GUI
- added hash dumping using bkhive for encrypted hashes, pwdump2
for local hashes and pwdump4 for remote hashes
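Review bot: In the v 3.7.0 entry, the removal of the pwdump6 related functions is tagged `(fix)` although it drops a capability that earlier entries list as a feature (v 2.3, v 3.1.0). Say which load option users of that path should move to, and consider adding release dates, since no entry in this file carries one.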
Basic Installation
==================
These are generic installation instructions.
The `configure' shell script attempts to guess correct values for
various system-dependent variables used during compilation. It uses
those values to create a `Makefile' in each directory of the package.
It may also create one or more `.h' files containing system-dependent
definitions. Finally, it creates a shell script `config.status' that
you can run in the future to recreate the current configuration, a file
`config.cache' that saves the results of its tests to speed up
reconfiguring, and a file `config.log' containing compiler output
(useful mainly for debugging `configure').
If you need to do unusual things to compile the package, please try
to figure out how `configure' could check whether to do them, and mail
diffs or instructions to the address given in the `README' so they can
be considered for the next release. If at some point `config.cache'
contains results you don't want to keep, you may remove or edit it.
The file `configure.in' is used to create `configure' by a program
called `autoconf'. You only need `configure.in' if you want to change
it or regenerate `configure' using a newer version of `autoconf'.
The simplest way to compile this package is:
1. `cd' to the directory containing the package's source code and type
`./configure' to configure the package for your system. If you're
using `csh' on an old version of System V, you might need to type
`sh ./configure' instead to prevent `csh' from trying to execute
`configure' itself.
Running `configure' takes awhile. While running, it prints some
messages telling which features it is checking for.
2. Type `make' to compile the package.
3. Optionally, type `make check' to run any self-tests that come with
the package.
4. Type `make install' to install the programs and any data files and
documentation.
5. You can remove the program binaries and object files from the
source code directory by typing `make clean'. To also remove the
files that `configure' created (so you can compile the package for
a different kind of computer), type `make distclean'. There is
also a `make maintainer-clean' target, but that is intended mainly
for the package's developers. If you use it, you may have to get
all sorts of other programs in order to regenerate files that came
with the distribution.
Compilers and Options
=====================
Some systems require unusual options for compilation or linking that
the `configure' script does not know about. You can give `configure'
initial values for variables by setting them in the environment. Using
a Bourne-compatible shell, you can do that on the command line like
this:
CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure
Or on systems that have the `env' program, you can do it like this:
env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure
Compiling For Multiple Architectures
====================================
You can compile the package for more than one kind of computer at the
same time, by placing the object files for each architecture in their
own directory. To do this, you must use a version of `make' that
supports the `VPATH' variable, such as GNU `make'. `cd' to the
directory where you want the object files and executables to go and run
the `configure' script. `configure' automatically checks for the
source code in the directory that `configure' is in and in `..'.
If you have to use a `make' that does not supports the `VPATH'
variable, you have to compile the package for one architecture at a time
in the source code directory. After you have installed the package for
one architecture, use `make distclean' before reconfiguring for another
architecture.
Installation Names
==================
By default, `make install' will install the package's files in
`/usr/local/bin', `/usr/local/man', etc. You can specify an
installation prefix other than `/usr/local' by giving `configure' the
option `--prefix=PATH'.
You can specify separate installation prefixes for
architecture-specific files and architecture-independent files. If you
give `configure' the option `--exec-prefix=PATH', the package will use
PATH as the prefix for installing programs and libraries.
Documentation and other data files will still use the regular prefix.
In addition, if you use an unusual directory layout you can give
options like `--bindir=PATH' to specify different values for particular
kinds of files. Run `configure --help' for a list of the directories
you can set and what kinds of files go in them.
If the package supports it, you can cause programs to be installed
with an extra prefix or suffix on their names by giving `configure' the
option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
Optional Features
=================
Some packages pay attention to `--enable-FEATURE' options to
`configure', where FEATURE indicates an optional part of the package.
They may also pay attention to `--with-PACKAGE' options, where PACKAGE
is something like `gnu-as' or `x' (for the X Window System). The
`README' should mention any `--enable-' and `--with-' options that the
package recognizes.
For packages that use the X Window System, `configure' can usually
find the X include and library files automatically, but if it doesn't,
you can use the `configure' options `--x-includes=DIR' and
`--x-libraries=DIR' to specify their locations.
Specifying the System Type
==========================
There may be some features `configure' can not figure out
automatically, but needs to determine by the type of host the package
will run on. Usually `configure' can figure that out, but if it prints
a message saying it can not guess the host type, give it the
`--host=TYPE' option. TYPE can either be a short name for the system
type, such as `sun4', or a canonical name with three fields:
CPU-COMPANY-SYSTEM
See the file `config.sub' for the possible values of each field. If
`config.sub' isn't included in this package, then this package doesn't
need to know the host type.
If you are building compiler tools for cross-compiling, you can also
use the `--target=TYPE' option to select the type of system they will
produce code for and the `--build=TYPE' option to select the type of
system on which you are compiling the package.
Sharing Defaults
================
If you want to set default values for `configure' scripts to share,
you can create a site shell script called `config.site' that gives
default values for variables like `CC', `cache_file', and `prefix'.
`configure' looks for `PREFIX/share/config.site' if it exists, then
`PREFIX/etc/config.site' if it exists. Or, you can set the
`CONFIG_SITE' environment variable to the location of the site script.
A warning: not all `configure' scripts look for a site script.
Operation Controls
==================
`configure' recognizes the following options to control how it
operates.
`--cache-file=FILE'
Use and save the results of the tests in FILE instead of
`./config.cache'. Set FILE to `/dev/null' to disable caching, for
debugging `configure'.
`--help'
Print a summary of the options to `configure', and exit.
`--quiet'
`--silent'
`-q'
Do not print messages saying which checks are being made. To
suppress all normal output, redirect it to `/dev/null' (any error
messages will still be shown).
`--srcdir=DIR'
Look for the package's source code in directory DIR. Usually
`configure' can determine that directory automatically.
`--version'
Print the version of Autoconf used to generate the `configure'
script, and exit.
`configure' also accepts some other, not widely useful, options.
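Review bot: This generic text points readers to a file named `README` twice (for the contact address and for the list of `--enable-` and `--with-` options), but the tree ships `README.md`, and the part of it shown in this commit lists neither. The ChangeLog mentions `--enable-osx`, so the package does have such options; name the right file here and document the options there.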
/*
Ophcrack is a Lanmanager/NTLM hash cracker based on the faster time-memory
trade-off using rainbow tables.
Created with the help of: Maxime Mueller, Luca Wullschleger, Claude
Hochreutiner, Andreas Huber and Etienne Dysli.
Copyright (c) 2008 Philippe Oechslin, Cedric Tissieres, Bertrand Mesot
Ophcrack is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
Ophcrack is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Ophcrack; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
This program is released under the GPL with the additional exemption
that compiling, linking, and/or using OpenSSL is allowed.
*/
\ No newline at end of file
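Review bot: The file ends without a trailing newline (see the `\ No newline at end of file` marker), and its FSF postal address (59 Temple Place) differs from the one in the `Makefile.in` header (51 Franklin Street). Add the newline and use one address across the tree.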
LICENSE ISSUES
==============
The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
the OpenSSL License and the original SSLeay license apply to the toolkit.
See below for the actual license texts. Actually both licenses are BSD-style
Open Source licenses. In case of any license issues related to OpenSSL
please contact openssl-core@openssl.org.
OpenSSL License
---------------
/* ====================================================================
* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* openssl-core@openssl.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
Original SSLeay License
-----------------------
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
# Copyright (C) 2008, Bertrand Mesot <http://www.objectif-securite.ch>
# 2008, Cedric Tissieres <http://www.objectif-securite.ch>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-13, USA
# General variables
SHELL = /bin/sh
prefix = @prefix@
exec_prefix = @exec_prefix@
bindir = $(exec_prefix)/bin
CC = @CC@
CFLAGS = @CFLAGS@
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
INSTALL = @INSTALL@
PACKAGE = @PACKAGE_NAME@
VERSION = @PACKAGE_VERSION@
distdir = $(PACKAGE)-$(VERSION)
DISTFILES = \
aclocal.m4 \
AUTHORS \
ChangeLog \
config \
config.h.in \
configure \
configure.in \
COPYING \
INSTALL \
install-sh \
LICENSE \
LICENSE.OpenSSL \
Makefile.in \
NEWS \
README.md \
config.sub \
config.guess \
src
all:
$(MAKE) -C src
install: all
@echo "Creating directories..."
$(INSTALL) -d $(DESTDIR)$(bindir)
@echo "Copying binary..."
$(INSTALL) src/ophcrack $(DESTDIR)$(bindir)
uninstall:
@echo "Deleting binary and manpages..."
rm -f $(DESTDIR)$(bindir)/ophcrack
clean:
rm -f *~
$(MAKE) -C src clean
distclean: clean
$(MAKE) -C src distclean
rm -f config.h config.status config.log
rm -rf autom4te.cache
rm -f src/gui/ophcrack_win32.rc src/gui/gui.pro src/gui/Info.plist
rm -f src/gui/Makefile
dist: distclean
rm -rf $(distdir)
mkdir $(distdir)
cp -r $(DISTFILES) $(distdir)
for dir in `find ${distdir} -name .svn -type d`; do rm -rf $$dir; done
tar cfj $(distdir).tar.bz2 $(distdir)
rm -rf $(distdir)
# automatic re-running of configure if the configure.in file has changed
configure: configure.in aclocal.m4
autoconf
# autoheader might not change config.h.in, so touch a stamp file
config.h.in: stamp-h.in
stamp-h.in: configure.in aclocal.m4
autoheader
echo timestamp > stamp-h.in
config.h: stamp-h
stamp-h: config.h.in config.status
./config.status
Makefile: Makefile.in $(wildcard src/*.in) $(wildcard src/*/*.in) config.status
./config.status
config.status: configure
./config.status --recheck
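Review bot: In the `dist` target, the cleanup loop only prunes `.svn` directories, a Subversion leftover, while the `.gitignore` in this commit suggests the tree now lives in git; `cp -r $(DISTFILES)` copies `src` wholesale, so stray untracked files under it end up in the tarball. Prune the metadata of the version control system actually in use, or build the tarball from an explicit file list. Smaller points: `uninstall` announces "Deleting binary and manpages..." although only the binary is installed and removed, the licence header repeats "or" across two lines and truncates the postal code to `02110-13`, and none of the command targets (`all`, `install`, `clean`, `dist`, ...) is declared `.PHONY`.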
http://ophcrack.sourceforge.net/news.php
# ophcrack (Time-Memory-Trade-Off-Crack) #
## About ##
A windows password cracker based on the faster time-memory trade-off using
rainbow tables.
This is an evolution of the original ophcrack 1.0 developed at EPFL
(http://lasecwww.epfl.ch/~oechslin/projects/ophcrack)
Ophrack comes with a Qt Graphical User Interface which runs on Windows,
Mac OS X as well as on Unix.
## Install ophcrack ##
Ophcrack can be downloaded from sourceforge: http://ophcrack.sourceforge.net
Binaries compiled for Windows are provided. These binaries are standalone
(portable) and no installation is required.
The Linux version is a source package. It can be compiled and
installed using these commands:
```
./configure
make
make install
```
### Tables ###
The tables have to be downloaded manually:
http://ophcrack.sourceforge.net/tables.php
## HOWTO ##
This howto assumes you have already installed ophcrack 3 and downloaded the
ophcrack rainbow tables you want to use. It also assumes that you understand how
to use third party tools like pwdump or mimikatz
(https://github.com/gentilkiwi/mimikatz) to dump the SAM of a Windows system.
Ophcrack and the ophcrack LiveCD are available for free at the ophcrack project
page (http://ophcrack.sourceforge.net/).
Ophcrack rainbow tables are available at ophcrack rainbow tables page
(http://ophcrack.sourceforge.net/tables.php).
### First step (optional) ###
This step is optional but will speed up the cracking process.
Run ophcrack and set the number of threads under the Preferences tab to the
number of cores of the computer running ophcrack.
### Second step ###
Load hashes using the Load button. You can either enter the hash manually
(Single hash option), import a text file containing hashes you created with
pwdump, mimikatz or similar third party tools (PWDUMP file option), extract the
hashes from the SYSTEM and SAM files (Encrypted SAM option) or dump the SAM from
the computer ophcrack is running on (Local SAM option).
For the Encrypted SAM option, the SAM is located under the Windows
system32/config directory and can only be accessed for a Windows partition that
is NOT running. For the Local SAM option, you MUST execute ophcrack with the
administrator rights on the computer you want to dump the SAM.
### Third step (optional) ###
This step is optional but will speed up the cracking process.
Delete with the Delete button every user account you are not interested in (for
exemple the Guest account). You can use the Ctrl key to make multiple selection.
Ctrl-a will select every loaded hash.
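Review bot: The download links for the binaries and the tables (`http://ophcrack.sourceforge.net`, `http://ophcrack.sourceforge.net/tables.php`) are plain HTTP, and the install section gives no checksum or signature for verifying what was fetched. For a tool the README says must run with administrator rights (Local SAM option), link over HTTPS and point to published hashes. Typos to fix in the same pass: "Ophrack" in the About section and "exemple" in the third step.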