System Hacking

Active@ Password Changer

System Hacking Internet Security Whitepapers

Active@ Password Changer lets you reset local user passwords and change Windows login security restrictions on Windows NT / 2000 / XP / 2003 systems: this is useful when the Administrator’s password is forgotten or lost, or when the Administrator’s user account has been disabled or locked out.

Alternate Data Streams - What's Hiding in Your Windows NTFS?

System Hacking Internet Security Whitepapers Cryptography

Hackers and malware authors have a strong motivation to keep you from finding their malicious software on your system. If you find it, you can delete it. If you delete it, the malware author doesn't make money (yes, this is a for-profit business). Panda Software, a respected anti-virus and anti-malware vendor, reports that from January to March of 2006, 70% of the malware released on the Internet was trying to make money for the authors in one way or another.

Attacking NTLM with Precomputed Hashtables

System Hacking Internet Security Whitepapers

Breaking encrypted passwords has been of interest to hackers for a long time, and protecting them has always been one of the biggest security problems operating systems have faced, with Microsoft’s Windows being no exception. Due to errors in the design of the password encryption scheme, especially in the LanMan (LM) scheme, Windows has a bad track record in this field of information security. Especially in the last couple of years, the outdated DES encryption algorithm that LanMan is based on has faced more and more processing power in the average household, which, combined with ever-increasing hard disk sizes, has made it crystal clear that LanMan nowadays is not just outdated, but even antiquated.

Biometric Authentication Systems

System Hacking Internet Security Whitepapers Physical Security Web Based Password Cracking

This paper presents our conclusions from a year-long study of biometric authentication techniques and actual deployment potential, together with an independent testing of various biometric authentication products and technologies. We believe that our experience can help the reader in considering whether and what kind of biometric authentication should or should not be used in a given system. Biometric technology has not been studied solely to authenticate humans. A biometric system for race horses is being investigated in Japan and a company that imports pedigree dogs into South Africa uses a biometric technique to verify the dogs being imported.

Designing A Kernel Key Logger

System Hacking Internet Security Whitepapers

The following tutorial outlines the design of a simple key logger implementation using a kernel filter driver. Although the key logger itself is only proof-of-concept and lacks the functionality of a useful attack tool, it presents filter drivers as a potentially useful (and underutilized) rootkit hooking technique while demonstrating a few of the basic programming challenges that distinguish kernel design from user land development. The filter is based on the method shown in the ctrl2cap program at

DriveCrypt: Secure Hard Disk Encryption

System Hacking Internet Security Whitepapers

DriveCrypt is a program that provides a virtually encrypted disk on all MS Windows operating systems. Basically, a container is created on the hard disk which is subsequently mounted by the DriveCrypt software. This software creates a new logical drive letter through which the disk is accessed. The important thing is that any data written to the new logical drive is encrypted with the algorithm of your choice.

FoxHole Manual

System Hacking Internet Security Whitepapers Hacking Mobile Phones, PDA & Handheld Devices

The FoxHole is designed for advanced users who want full control over the filesystem of their phone. They can also use it to store their files in a secure manner. The FoxHole is not encryption software. It creates a virtual drive from multimedia files and can store the user’s sensitive files in these multimedia files. It works with so-called steganography methods (data hiding techniques). Because traditional data-hiding techniques can store only very little data (they use only one store-file), it was time to develop a technology that enables the user to handle more files together. Thus came the idea of a virtual drive that can be seen as a newly created drive under the name Hole. These data-storing methods only modify, but do not damage, the original files. For example, an audio file remains seemingly untouched. But many rewrites can seriously degrade the quality of multimedia files.

Hacking Databases for Owning your Data

System Hacking Internet Security Whitepapers Hacking Database Servers

Data theft is becoming a major threat; criminals have identified where the money is. In the last years many databases from Fortune 500 companies were compromised, causing large financial losses. This paper will discuss the data theft problem, focusing on database attacks. We will show actual information about how serious the data theft problem is, explain why you should care about database security, and describe common attacks. The main part of the paper will be the demonstration of unknown and not well known attacks that can be used or are being used by criminals to easily steal data from your databases. We will focus on the most used database servers, MS SQL Server and Oracle Database. It will be shown how to steal a complete database from the Internet, how to steal data using a database rootkit and backdoor, and some advanced database 0day exploits. We will demonstrate that compromising databases is not a big deal if they haven't been properly secured. It will also be discussed how to protect against attacks so you can improve database security at your site.

Password Attack on Kerberos V and Windows 2000

System Hacking Internet Security Whitepapers

The Kerberos V authentication protocol is described in more detail. The Windows 2000 implementation of the Kerberos V protocol requires the use of pre-authentication data in the KRB_AS_REQ message by default, which makes it harder to implement offline password attacks. If pre-authentication is not used, anyone can make a request for a TGT and launch an offline password attack against it. The default implementation of pre-authentication data consists of an encrypted timestamp and a cryptographic checksum created with a key derived from the user’s password.

Password Cracking and Brute-Force Tools

System Hacking Internet Security Whitepapers

Brute-force techniques take advantage of rising hardware performance combined with falling hardware cost. This time-memory tradeoff means that it is actually easier to pregenerate an entire password dictionary and execute lookups of password hashes. These pregenerated dictionaries, often referred to as Rainbow Tables, consist of the entire key space for a combination of length and content. For example, one dictionary might consist of all seven-character combinations of lower- and uppercase alphanumerics, while another dictionary might consist of nine-character combinations of only lower- and uppercase letters. These dictionaries are encrypted with DES, MD5, or whatever target algorithm the user desires.