Penetration Testing mailing list archives
Re: Password Auditing
From: "kevin" <toggmeister () vulnerabilityassessment co uk>
Date: Fri, 4 May 2007 22:00:08 +0100
Mike,There are so many password crackers these days that can do this, try some of these in the first instance:
John The Ripper LC5 (Albeit difficult to get hold of due to export restrictions) Medusa LCP pwdump (deprecated by the following) fgdump Rainbowcrack oat/ oscanner/ orabf/ checkpwd for oracle piggy for sql (if I remember correctly) scully for sql/ mysql Rgds Kev http://www.vulnerabilityassessment.co.uk----- Original Message ----- From: "Mike Gibson" <micheal.gibson () gmail com>
To: <> Sent: Friday, May 04, 2007 6:50 PM Subject: Password Auditing
Can anyone recommend a good password auditing tool. Basically I want to identify weak passwords on my servers (Windows, Linux, Unix). Ideally this would be done by a tool that could remotely fetch the local password database and then attempt to brute force the passwords and prepare a report in a central location. Any suggestions? ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- Password Auditing Mike Gibson (May 04)
- RE: Password Auditing Beauchamp, Brian (May 04)
- RE: Password Auditing John Babio (May 04)
- Re: Password Auditing Manuel Arostegui Ramirez (May 04)
- RE: Password Auditing Ken Kousky (May 05)
- Re: Password Auditing kevin (May 04)
- Re: Password Auditing Nico Golde (May 04)
- Re: Password Auditing crazy frog crazy frog (May 06)
- Re: Password Auditing rajat swarup (May 07)
- Re: Password Auditing Christine Kronberg (May 07)
- <Possible follow-ups>
- RE: Password Auditing Brungardt, Jill (May 04)
- Re: Password Auditing kevin.horvath (May 07)