Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. Security professionals also rely on Ncrack when auditing their clients. Ncrack was designed using a modular approach, a command-line syntax similar to Nmap and a dynamic engine that can adapt its behaviour based on network feedback. It allows for rapid, yet reliable large-scale auditing of multiple hosts.
Ncrack’s features include a very flexible interface granting the user full control of network operations, allowing for very sophisticated bruteforcing attacks, timing templates for ease of use, runtime interaction similar to Nmap’s and many more.
Ncrack was started as a “Google Summer of Code” Project in 2009. While it is already useful for some purposes, it is still unfinished, alpha quality software. It is released as a standalone tool.
Ncrack is available for many different platforms, including Linux, *BSD, Windows and Mac OS X. There are already installers for Windows and Mac OS X and there is a universal source code tarball that can be compiled on every system.
Example: A representative Ncrack scan
$ ncrack 10.0.0.130:21 192.168.1.2:22Starting Ncrack 0.01ALPHA ( http://ncrack.org ) at 2009-07-24 23:05 EEST
Discovered credentials for ftp on 10.0.0.130 21/tcp:
10.0.0.130 21/tcp ftp: admin hello1
Discovered credentials for ssh on 192.168.1.2 22/tcp:
192.168.1.2 22/tcp ssh: guest 12345
192.168.1.2 22/tcp ssh: admin money$
Ncrack done: 2 services scanned in 156.03 seconds.
Ncrack finished.
[click to continue…]
China’s leading search engine claims a shocking lack of security nous at its chosen domain name registrar was responsible for a prolonged outage last month.
China’s Baidu says in legal papers that that an obvious scammer was able to con Register.com support staff into handing over the keys to its kingdom, resulting in millions of dollars of lost revenue.
Baidu, which commands 70 percent of the Chinese search market, was offline for at least four hours on the 12th of January. During the incident, its baidu.com home page instead showed the messaged “This site has been hacked by the Iranian Cyber Army”.
In its lawsuit, the company claims a Register.com support rep allowed the hacker to reset the administrative email address for the domain to ‘antiwahabi2008@gmail.com’, despite the imposter providing obviously incorrect security codes during an online chat.
The hacker then allegedly used Register’s automated password reminder function to change Baidu’s account password, giving him access to the domain’s name servers. The whole rudimentary scam took less than 45 minutes, Baidu claims.
[click to continue…]
