|
Last Saturday Alex and I were asked by Adrian Crenshaw of irongeek.com to come out and help teach a class on password exploitation with him. The class lasted 6 hours and Alex and I got two of them to talk about our favorite new password cracking software hashcat.          This year at Def Con 18 the security company Kore Logic sponsored a password cracking competition. Naturally we here at Question-Defense wanted a shot at the title. We enlisted the guys over at Hashcat to help out on our team. We believe that Hashcat takes password cracking to a whole new level and we have gotten to be good friends with the developers. Me and Alex headed out to Las Vegas to enter the competition and we had a blast.
Aug
26
2010
 
New Tools & Online Store Coming Soon, QD Tools User Base ExpandsPosted by dakykilla in cudaThe Question Defense team has been busy lately giving talks, exploring infosec security conferences, winning a hash cracking competition, and planning QD expansions. We wanted to provide a quick update for QD Tools users and explain some items that are coming in the near future. Over the last week we have been compiling, sorting, removing and adding a massive amount of words to our wpa wordlist. Some of these were grabbed from leaked sites, some were generated by us and many were donated by members of the community. One new feature we have tried to implement is common 8 and 10 char hex only keys which will match many of the routers which have a default key which is hex such as Thompson and BT-Home hub. We have also gone through great trouble to remove most of the words with special chars, over the last 6 months of running the wpa cracker we have hardly seen any cracked keys with special chars so we removed all words which didn’t have the most common ones like ‘ ” # $ and @. This will increase the current cracking time from 1.5 hours to around 3 hours. There will be not be a increase in the cost for these new features. We are not really interested in making money, the small amount we charge is only to cover hosting and the electrical bill. The previous list contained around 540 million words and the current list now contains about 980 million words. Special thanks to anyone who donated a list to the site. Thanks purehate & dakykilla We received some emails wondering why the QD Tools site was down over a period of time on 05.02.2010 so we wanted to provide a brief update to assure everyone that this was not a normal event and we have taken steps to prevent this in the future. Tonight we integrated the Question Defense Tools changelog into Twitter so you can follow all of our hardware and software upgrades more easily. Any new products that are released such as new password crackers or other online automated security audit tools will be noted in the QD Tools Changelog. Also if we upgrade or include other enhancements to the current automated tools such as the Online WPA Password Cracker, the Online SHA1 Hash Cracker, the Online MD4 Hash Cracker, the Online MD5 Hash Cracker, the Online NTLM Hash Cracker, or the RaR Password Cracker then we will note the upgrades in our changelog which will automatically be posted to Twitter. We continue to work on making our tools faster, easier to use, and provide more benefits for our customers. If you have any feedback related to the current tools or have suggestions for future tools please let us know by filling out our online contact form by clicking here. We take pride in the services we offer and so regardless of the content we respond to all feedback submitted via our online contact form. When we did the rebuild of the tools server we used a Intel i7 920 as our CPU. This was mainly due to our budget, which was good, but not unlimited. After we got the server together and ran it for a few weeks we decided a upgrade of the CPU was probably in order. We ordered a Intel i7 965 Extreme processor and I put it in a few nights ago. With no over clocking at all its already a pretty impressive CPU. I hope to get some bench marks in the next week or so and compare them to the 920 bench marks. This push’s our tools server up to about 100k pmk/s when it comes to WPA Cracking. Alex and I recently upgraded the server that runs our tools applications. We figured some people may be interested in what powers our applications so we decided to make a post showcasing the upgrade. As every one knows, our tools are GPU powered but we have never talked much about the actual guts of the machine. We wanted to provide a quick update on the Question Defense Security Audit Tools site. While the site hasn’t had any major updates in the past month since we launched our Online RAR Password Cracker we have been really busy behind the scenes working on various projects related to our Security Audit Tools section which at the current time consists of various password crackers that use CUDA technology. In the near future we will be making some major changes that will make all of our services more efficient. We plan to offer more choices available with the Online WPA/WPA2 Password Cracker which will initially include different wordlist lengths and wordlist combination options. We launched the new Online RAR Password Cracker today. The RAR Password Cracker will attempt to brute force the RAR file so depending on the option you select the RAR Cracker will test every combinations of characters in the selected character sets. There are currently 5 different options to crack RAR passwords including combinations up to 7 characters in length and various character sets. The character sets include numbers only, lowercase only, uppercase only, lowercase + numbers, and a full character set. The Online RAR Password Cracker is much slower than our other password crackers. Once you have uploaded the RAR file to QD Tools and paid for the selected length and character set option the results will be emailed to you once the RAR Cracker has completed running. |
tools.question-defense.com (RSS)