99 lines
3.4 KiB
Plaintext
99 lines
3.4 KiB
Plaintext
|
|
P A S S W O R D E N G I N E (for IBM PC's) by Uncle Armpit
|
|
+++++++++++++++++++++++++++++++++++++++++++++
|
|
|
|
The device driver code listed below provides a data stream of passwords.
|
|
The device driver approach was used to speed up the process
|
|
of cracking passwords on an incremental basis. The usual approach was
|
|
to generate the passwords to a file, then reading the file, etc..the device
|
|
driver approach circumvents these file storage problems, and others, such as
|
|
having enough free disk space and delays from disk i/o.
|
|
This driver operates completely in memory (approx. 0.5Kb)
|
|
|
|
How practical is this?
|
|
----------------------
|
|
This program would be very useful if you think you may know what strategy
|
|
the user/admin uses for picking out their passwords. Without eliciting some
|
|
sort of a strategy, forget it-- unless your desperate enough!!
|
|
|
|
|
|
A "strategy" could consist of any of these possible advantages--
|
|
|
|
1) default passwords (ie: SIN, student #, birth date, phone number...)
|
|
2) the mutation of a lUSERs' known password from another system
|
|
3) viewing the mark typing in most of their password with a couple
|
|
of unseen characters
|
|
4) etc...
|
|
|
|
---------------------------
|
|
With the sample device driver provided, passwords starting at
|
|
'aaaaaaa' and ending with 'zzzzzzz' will be generated. The length
|
|
of the password string can be modified by changing the length of
|
|
the password string itself (that is, the variable "number"). The
|
|
range of characters in the passwords can also be changed by
|
|
modifying the following two lines:
|
|
|
|
;hackdrv.sys
|
|
;.
|
|
;.
|
|
;
|
|
for ending character--
|
|
cmp byte ptr [number+si],'z'+1 ;+1 past ending char. in range
|
|
|
|
...and for starting character
|
|
cmp byte ptr [number+si],'a' ;starting char. in range
|
|
;
|
|
;----------------------
|
|
|
|
for instance, if you wished to generate numbers from "0000000" to
|
|
"9999999"
|
|
|
|
-change the ending character to:
|
|
cmp byte ptr [number+si],'9'+1
|
|
|
|
-starting character to:
|
|
cmp byte ptr [number+si],'0'
|
|
|
|
and "number" variable from 'aaaaaa' to '0000000' and then
|
|
recompile..
|
|
|
|
-----
|
|
|
|
..or in the third case, if u had observed a lUSER type in most of
|
|
their password, you may want to rewrite the code to limit the
|
|
search. IE: limit the keys to a certain quadrant of the keyboard.
|
|
Modify the code starting at "reiterate:" and ending at "inc_num
|
|
endp" for this.
|
|
=================================================================
|
|
|
|
|
|
/'nuff of this!/ How do I get things working?
|
|
-----------------------------------------------
|
|
|
|
Compile the device driver "hackdrv.sys", and the second program,
|
|
"modpwd.asm". Then specify the device driver inside config.sys
|
|
(ie: "c:\hackdrv.sys"). The code below was compiled with the a86
|
|
compiler, v3.03. Some modifications might be needed to work with
|
|
other compilers.
|
|
|
|
To use it in prgs like crackerjack, type in the following on the
|
|
command line:
|
|
|
|
|
|
c:\>jack -pwfile:<your password file here!> -word:hackpwd
|
|
|
|
------
|
|
If you had stopped a cracker program (eg: crackerjack) and want to
|
|
pick up from where you left off, run the program "modpwd.com".
|
|
|
|
This program can change HACKDRVs password through-
|
|
|
|
a) a command line argument (ie: "modpwd aabbbbe")
|
|
b) executing the program with no parameters (this method also
|
|
displays the current password in memory)
|
|
|
|
|
|
|
|
Happy Hacking,
|
|
Uncle Armpit
|