.

XP Password Cracking using IEEE-1394 - Which is the tool?

<<

morpheus063

User avatar

Sr. Member
Sr. Member

Posts: 393

Joined: Sun Jun 25, 2006 10:08 am

Location: Cochin - India

Post Sat Mar 08, 2008 10:00 am

XP Password Cracking using IEEE-1394 - Which is the tool?

Hi All,

I was listening to the TechTarget Weekly Podcast, where they were talking about a password cracking tool for Windows XP using the IEEE-1394 port. Do you have any idea about this tool. They say that its a linux based tool.

I Could find the following link.

http://freerepublic.com/focus/f-chat/1981136/posts

Any more links or info do we have?
Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Sat Mar 08, 2008 12:50 pm

Re: XP Password Cracking using IEEE-1394 - Which is the tool?

I saw this on Hackszine.com a few days ago.
http://www.hackszine.com/blog/archive/2008/03/ram_dump_over_firewire.html

It looks like the name of the tool is winlockpwn. I haven't got a chance to try it out, yet, since I have no PCs with FireWire.
Here is the link to the project site.
http://storm.net.nz/projects/16
Put that in your pipe and grep it!
<<

LSOChris

Post Sat Mar 08, 2008 9:45 pm

Re: XP Password Cracking using IEEE-1394 - Which is the tool?

yup thats the right link.  getting the libraries installed is straightforward but i havent been able to get it to work on ubuntu, some sort of python memory read issue.
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Sun Mar 09, 2008 12:36 pm

Re: XP Password Cracking using IEEE-1394 - Which is the tool?

This is something I really have to try out soon.

My laptop at work has a FireWire port, but I disabled it a long time ago since I don't use it. It's time for me to dig up a cable and test some of the workstations around the office. 8)

One could also get a PCMCIA IEE-1394 card for their laptop to try this out.

I would be curious to see if this will work with a Windows laptop running andLinux (see http://www.andlinux.org/). I will try this out some time this week.
Put that in your pipe and grep it!
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Thu May 22, 2008 2:37 am

Re: XP Password Cracking using IEEE-1394 - Which is the tool?

I was just curious if anybody has been able to try this out, or if this type of vulnerability is being addressed in pentests, etc., or if Microsoft has corrected this problem yet.

It has been a dead topic for a while, but I still think it shows some potential. I haven't yet been able to try it myself, though.
Put that in your pipe and grep it!
<<

LSOChris

Post Thu May 22, 2008 10:33 am

Re: XP Password Cracking using IEEE-1394 - Which is the tool?

its regarded as a feature not a vulnerability.  there are some tutorials out there using helix to get this going and someone got it going on BT3 as well.

Return to Tools

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software