Posts Tagged ‘Windows’

he windows passwords can be accessed in a number of different ways. The most common way would be via accessing the Security Accounts Manager (SAM) file and obtaining the system passwords in their hashed form with a number of different tools. Alternatively passwords can be read from memory which has the added benefit of recovering the passwords in plain text and avoiding the cracking requirement. In order to understand the formats you’ll see when dumping Windows system hashes a brief overview of the different storage formats is required.

Lan Manager (LM) Hashes
Originally windows passwords shorter than 15 characters were stored in the Lan Manager (LM) hash format. Some OSes such as Windows 2000, XP and Server 2003 continue to use these hashes unless disabled. Occasionally an OS like Vista may store the LM hash for backwards compatibility with other systems. Due to numerous reasons this hash is simply terrible. It includes several poor design decisions from Microsoft such as splitting the password into two blocks and allowing each to be cracked independently. Through the use of rainbow tables which will be explained later it’s trivial to crack a password stored in a LM hash regardless of complexity. This hash is then stored with the same password calculated in the NT hash format in the following format: ::::::

An example of a dumped NTLM hash with the LM ant NT component. Administrator:500:611D6F6E763B902934544489FCC9192B:B71ED1E7F2B60ED5A2EDD28379D45C91:::

NT Hashes
Newer Windows operating systems use the NT hash. In simple terms there is no significant weakness in this hash that sets it apart from any other cryptographic hash function. Cracking methods such as brute force, rainbow tables or word lists are required to recover the password if it’s only stored in the NT format.

An example of a dumped NTLM hash with only the NT component (as seen on newer systems.
Administrator:500:NO PASSWORD*********************:EC054D40119570A46634350291AF0F72:::

It’s worth noting the “no password” string is variable based on the tool. Others may present this information as padded zeros, or commonly you may see the string “AAD3B435B51404EEAAD3B435B51404EE” in place of no password. This signifies that the LM hash is empty and not stored.

Location
The hashes are located in the Windows\System32\config directory using both the SAM and SYSTEM files. In addition it’s also located in the registry file HKEY_LOCAL_MACHINE\SAM which cannot be accessed during run time. Finally backup copies can be often found in Windows\Repair.

Tool – PwDump7 – http://www.tarasco.org/security/pwdump_7/
This tool can be executed on the system machine to recover the system hashes. Simply download the run the binary with at least administrator account privileges.

Tool – Windows Credential Editor – http://www.ampliasecurity.com/
Windows Credentials Editor (WCE) is great for dumping passwords that are in memory. Personally I typically use it with the -w flag to dump passwords in clear text. This can often net you passwords that are infeasible to get any other way.

Tool – Meterpreter
If you have a meterpreter shell on the system, often you can get the hashes by calling the hashdump command.

Method – Recovery Directory
Occasionally you may not have direct access to the file required, or perhaps even command line interaction with the victim. An example of this would be a local file inclusion attack on a web service. In those cases it’s recommended you try and recover the SYSTEM and SAM directories located in the Windows\Repair directory.

Method – Live CD
Sometimes you may have physical access to the computer but wish to dump the passwords for cracking later. Using a Live CD is a common method of being able to mount the Windows drive and recover the SYSTEM and SAM files from the System32/config directory since the OS isn’t preventing you access.

 

Advertisements

tv - programer

There is one key administrative feature that seems to be missing from Microsoft Office 365 – the “kill switch” that disables an Office 365 account and kills all active sessions (browser, ActiveSync, etc.).  Without official guidance from Microsoft, there has been speculation from Office 365 Admins on the best approach for disabling access to an Office 365 account in the event of a breach or security issue.

  • Change the password on the mailbox
  • Remove the mailbox using the “Remove-Mailbox” command
    • For example:
Remove-Mailbox -Identity "John Rodman"
  • Wait 15 minutes
  • Restore the mailbox

Restoring the mailbox is an important step in this process, since the mailbox will be automatically deleted if you do not restore it within 30 days.

hackers_4996108_lrgMost penetration testers are using either a Mac or a Linux-based platform in order to perform their penetration testing activities.However it is always a good practice to have and a Windows virtual machine with some tools ready to be used for the engagement.The reason for this is that although Windows cannot be used as a main platform for penetration testing some of the utilities and tools can still help us to extract information from our windows targets.So in this post we will see some of the tools that we can use in our windows system.

HashCheck Shell Extension

The HashCheck Shell Extension makes it easy for anyone to calculate and verify checksums and hashes from Windows Explorer. In addition to integrating file checksumming functionality into Windows, HashCheck can also create and verify SFV files (and other forms of checksum files, such as .md5 files).

Netcat

Netcat is often referred to as a “Swiss-army knife for TCP/IP”. Its list of features includes port scanning, transferring files, and port listening, and it can be used as a backdoor.

Metasploit Framework

The Metasploit Project is a computer security project which provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

RealVNC Viewer

Remote access software for desktop and mobile platforms.

GetIf

SNMP tool that allows you to collect information about SNMP devices.

Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

Wireshark

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development.

PuTTY

PuTTY is an SSH and telnet client for the Windows platform.

Pass The Hash Toolkit

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes.

Cachedump

Recovering Windows Password Cache Entries.

Fport

Identify unknown open ports and their associated applications.

Nbtscan

This is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network, and this is a first step in finding of open shares.

Burp Suite

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

Winfo

Winfo uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP. It also identifies the built-in Administrator and Guest accounts, even if their names have been changed.

ClearLogs

ClearLogs clears the event log (Security, System or Application) that you specify. You run it from the Command Prompt, and it can also clear logs on a remote computer.

SQLDict

SQLdict is a dictionary attack tool for SQL Server.

PMDump

PMDump is a tool that lets you dump the memory contents of a process to a file without stopping the process.

GrabItAll

GrabItAll performs traffic redirection by sending spoofed ARP replies. It can redirect traffic from one computer to the attackers computer, or redirect traffic between two other computers through the attackers computer. In the last case you need to enable IP Forwarding which can be done with GrabItAll too.

DumpUsers

DumpUsers is able to dump account names and information even though RestrictAnonymous has been set to 1.

BrowseList

BrowseList retrieves the browse list. The output list contains computer names, and the roles they play in the network. For example you can see which are PDC, BDC, stand-alone servers and workstations. You can also see the system comments (which can be very interesting reading).

Remoxec

Remoxec executes a program using RPC (Task Scheduler) or DCOM (Windows Management Instrumentation).

WMICracker

Brute-force tool for Windows Management Instrumentation (WMI).

Venom

Venom is a tool to run dictionary password attacks against Windows accounts by using the Windows Management Instrumentation (WMI) service. This can be useful in those cases where the server service has been disabled.

SMBAT

The SMB Auditing Tool is a password auditing tool for the Windows-and the SMB-platform. It makes it possible to exploit the timeout architecture bug in Windows 2000/XP, making it extremly fast to guess passwords on these platforms.

RPCScan

RPCScan v2.03 is a Windows based detection and analysis utility that can quickly and accurately identify Microsoft operating systems that are vulnerable to the multiple buffer overflow vulnerabilities released in the MS03-026 and MS03-039 bulletins.

LSASecretsDump

LSASecretsDump is a small console application that extract the LSA secrets from the Registry, decrypt them, and dump them into the console window.

SQLPing

SQL Ping is a nice little command line enumerator that specifically looks for SQL servers and requires no authentication whatsoever.

OAT

The Oracle Auditing Tools is a toolkit that could be used to audit security within Oracle database servers.

Pwdump7

Extract password hashes from local user accounts.

PsTools

The PsTools package provides a set of command line utilities that allow you to manage local and remote systems.

Incognito

Incognito is a tool for manipulating windows access tokens and is intended for use by penetration testers, security consultants and system administrators.

DumpSec

DumpSec is a security auditing program for Microsoft Windows® NT/XP/200x. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information.

X-Deep32

X-Deep/32 is an X Window Server for Windows NT/2000/9X/ME/XP that can be used to connect to host systems running UNIX, LINUX, IBM AIX etc.

LC5

Windows password cracker.

Ophcrack

Ophcrack is a free Windows password cracker based on rainbow tables.

SiVuS

SiVus is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations.

 If you think that the patches delivered through Windows update can not be laced with malware, think again.
Security researchers have shown that Hackers could intercept Windows Update to deliver and inject malware in organizations.
Security researchers from UK-based security firm ‘Context’ have discovered a way to exploit insecurely configured implementations of Windows Server Update Services (WSUS) for an enterprise.

What is WSUS in Windows?

Windows Server Update Services (WSUS) allows an administrator to deploy the Windows software update to servers and desktops throughout the organization.
These updates come from the WSUS server and not Windows server.
Once the updates are with the administrator on the server, he can limit the privilege for the clients in a corporate environment to download and install these updates. As the admin is the owner of the distribution of these updates.

Intercepting WSUS to Inject Malware into Corporate Networks

By default, WSUS does not use SSL encrypted HTTPS delivery for the SOAP (Simple Object Access Protocol) XML web service. Instead, it uses the non-encrypted HTTP.
This is a major WSUS weakness that should not be ignored now. (At least when it has been exploited and shown to the world).
As WSUS installations are not configured to use SSL security mechanism, hence they are vulnerable to man-in-the-middle (MitM) attacks.
According to researchers Paul Stone and Alex Chapman, the attack is so simple that a hacker with low privileges can set up fake updates that can be installed automatically by connected machines.
All update packages that are downloaded from the Microsoft Update website are signed with a Microsoft signature. Which cannot be altered.
However, Hackers can alter Windows Update by installing malware in the metadata of the update.

By repurposing existing Microsoft-signed binaries, we were able to demonstrate that an attacker can inject malicious updates to execute arbitrary commands,” researchers said in the paper.

A malicious attacker can inject malware in the SOAP XML communication between the WSUS server and the client and making it look purely authentic update to install.
Windows update also includes more than 25,000 of 3rd-party drivers that are developed and signed by other developers, which can also be altered easily.

Our concern is that when plugging in a USB device, some of these drivers may have vulnerabilities that could be exploited for malicious purposes. Everyone is familiar with the ‘searching for Drivers’ and ‘Windows Update’ dialog boxes on their desktops – but these seemingly innocuous windows may be hiding some serious threats.

So, now it can be a big security threat for the new Windows 10. Either the corporates are going to live in the era of old Windows or upgrade and welcome the malware!
The researchers demonstrated the hack at the Black Hat security conference in Las Vegas this week in a talk titled, WSUSpect: Compromising the Windows Enterprise via Windows Update [PDF].

TV failure
CVE number for this vulnerability  is CVE-2014-3566:

This is an industry-wide vulnerability affecting the SSL3.0 protocol itself and is not specific to the windows operating system. All supported version of Microsoft implement this protocol and are  affected by this vulnerability. Considering the attack scenario, this vulnerability is not considered as high risk.

 What is SSL? 
 Secure Sockets Layer (SSL) is a cryptographic protocol that provides communication security over the Internet. SSL encrypts the data transported over the network, using cryptography for privacy  and a keyed message authentication code for message reliability.

What is TLS?
Transport Layer Security (TLS) is a standard protocol that is used to provide secure web communications on the Internet or on intranets. It enables clients to authenticate servers or, optionally, servers to authenticate clients. It also provides a secure channel by encrypting communications. TLS is the latest version of the Secure Sockets Layer (SSL) protocol.

What causes the vulnerability? 
The vulnerability is caused by a weakness in the CBC encryption algorithm used in SSL 3.0.

Impact:

The vulnerability In SSL3.0 allows attackers to decrypt encrypted website connections. The attackers can exploit a weakness in the protocol’s design to garb secret session cookies and can steal or tamper with your sensitive information while it’s in transit.

Mitigating Factor:

  • The attacker must make several hundred HTTPS requests before tha attack could be successful.
  • TSL 1.0, TLS1.1, TLS1.2 and all cipher suit that do not use CBC mode are not affected.

Affected Operating System:

Windows server 2003 service pack 2

Windows server 2003 x64 Edition service pack 2

Windows server 2003 with SP2 for Itanium-based system

Windows vista service pack 2

Windows vista x64 Edition service pack 2

Windows server 2008 for 32-bit system SP2

Windows server 2008 for x64-based system SP2

Windows server 2008 for Itanium-based system SP2

Windows 7 for 32-bit system SP1

Windows 7 for x64-based system SP1

Windows server 2008 R2 for x64-based system SP1

Windows server 2008 R2 for Itanium-based system SP1

Windows 8 for 32-bit system

Windows 8 for x64-based system

Windows 8.1 for 32-bit system

Windows 8.1 for x64-based system

Windows server 2012

Windows server 2012 R2

Windows RT

Windows RT 8.1

Resolution:

Microsoft is investigating on this vulnerability, and will take the appropriate action to help protect their customers. This may include providing a security update through monthly release process or providing an out-of-cycle security update. Microsoft has suggested a workaround to disable SSL3.0 to mitigate this vulnerability. This workaround will disable SSL3.0 for all server software installed on a system, Including IIS.

Workarounds:

1)    Disable SSL 3.0 and enable TLS 1.0, TLS 1.1, TLS 1.2 in Internet Explorer.

You can disable the SSL 3.0 protocol in Internet Explorer by modifying the Advanced Security settings in Internet Explorer.

To change the default protocol version to be used for HTTPS requests, perform the following steps:

  1. On the Internet Explorer Tools menu, click Internet Options.
  2. In the Internet Options dialog box, click the Advanced tab.
  3. In the Security category, uncheck Use SSL 3.0 and check Use TLS 1.0, Use TLS 1.1, and Use TLS 1.2 (if available).
  4. Click OK.
  5. Exit and restart Internet Explorer.

Note:  After applying this workaround, Internet Explorer will fail to connect to Web servers that only support SSL up to 3.0 and don’t support TLS 1.0, TLS 1.1, and TLS 1.2.

2)    Disable SSL 3.0 and Enable TLS 1.0, TLS 1.1, TLS 1.2 in Internet Explorer in Group Policy.

You can disable support for the SSL 3.0 protocol in Internet Explorer via Group Policy by modifying the Turn Off Encryption Support Group Policy Object.

  1. Open Group Policy Management.
  2. Select the group policy object to modify, right click and select Edit.
  3. In the Group Policy Management Editor, browse to the following setting:

Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Advanced Page -> Turn off encryption support

  1. Double-click the Turn off Encryption Support setting to edit the setting.
  2. Click Enabled.
  3. In the Options window, change the Secure Protocol combinations setting to “Use TLS 1.0, TLS 1.1, and TLS 1.2“.
  4. Click OK.

Note Administrators should make sure this group policy is applied appropriately by linking the GPO to the appropriate OU in their environment.

Note After applying this workaround, Internet Explorer will fail to connect to Web servers that only support SSL up to 3.0 and don’t support TLS 1.0, TLS 1.1, and TLS 1.2.

3)    Disable SSL 3.0 in Windows.

You can disable support for the SSL 3.0 protocol on Windows by following these steps:

  1. Click Start, click Run, type regedt32or type regedit, and then click OK.
  2. In Registry Editor, locate the following registry key:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 3.0\Server

Note If the complete registry key path does not exist, you can create it by expanding the available keys and using the New -> Key option from the Edit menu.

  1. On the Editmenu, click Add Value.
  2. In the Data Typelist, click DWORD.
  3. In the Value Namebox, type Enabled, and then click OK.

Note If this value is present, double-click the value to edit its current value.

  1. Type 00000000in Binary Editor to set the value of the new key equal to “0”.
  2. Click OK. Restart the computer.

Note This workaround will disable SSL 3.0 for all server software installed on a system, including IIS.

Note After applying this workaround, clients that rely only on SSL 3.0 will not be able to communicate with the server.

 

tv-300x2241

There are a large number of websites and programs that prompt end users to save passwords on their personal computer(s). Popular web browsers such as Mozilla Firefox, Internet Explorer, Google Chrome, and instant messaging software like Windows Live Messenger are capable of saving user logins and passwords on the local computer. A common task that arises for the end-user is to find stored passwords on a computer in order to recover lost or forgotten access information. Depending on the application being used, operating system, and specific user permissions, the task can be as easy as choosing some options in the OS or having to download specific tools to crack the password file hash.

How to Find Stored Passwords in Windows XP

Microsoft Windows has the capability to manage stored user names and passwords for individual users so unique software may not be required for this purpose.

Step 1 – Click on the “Start” menu button and launch the “Control Panel”.

Step 2 – Locate the “Pick a category” menu label the select “User Accounts” menu option.

Step 3 – Open the “Stored User Names and Passwords” menu option by selecting “Manage my network passwords” beneath the “Related Tasks” menu label. If you are logged in as an administrator, select your user account. Then under related tasks choose the “Manage my network passwords.”

Step 4 – View the list of stored usernames and passwords.

How to Find Stored Passwords in Windows 7

Step 1 – Click on the “Start” menu button and launch “Control Panel”.

Step 2 – Click on “User Accounts and Family Safety”, then on “User Accounts”

Step 3 – In the left pane, click “Manage your network passwords”.

How to Find Stored Passwords in Windows 8

Step 1 – Click on the “Start” menu button and launch “Control Panel”.

Step 2 – Click on “User Accounts and Family Safety”, then on “Credential Manager”

How to View Stored Passwords on a MAC

On computers than run the Mac OS X operating system, when a user tells their computer to store a password associated with an application, website, or wireless network, the information is saved on the computer’s hard drive. OS X uses the Keychain Access utility to help Mac users to look-up and manage their stored passwords.

Step 1 – Launch the OS X “Finder” by clicking the menu icon on the computer’s dock. Then, navigate to the “Utilities” folder which is located under the “Applications” section on the Mac hard drive.

Step 2 – Open the “Keychain Access” program icon to launch the password utility application. Then, select “Passwords” from the options located in the lower left corner of the program window.

Step 3 – From the list find the application, web site or network name associated with the password you want to view and double click on it. A new window showing information about it will display.

Step 4 – Click on the “Show password” checkbox to reveal the password. You will be asked to enter your user password, and click “Allow”, in order to see it. Once you do it will be visible in the “Show password” field.

How to Find Stored Passwords in Firefox

The Mozilla FireFox Password Manager application stores user names and passwords on your computer’s hard drive and will automatically enter the data when visiting websites that require the information.

Steps to Use the Mozilla FireFox Password Manager

Step 1 – Launch Mozilla Firefox by double clicking the program icon on your computer’s desktop.

Step 2 – Select the “FireFox” menu button and then click the “Options” menu choice.

Step 3 – Select the “Security” menu tab that is located at the upper portion of the “Options” window.

Step 4 – Select the “Remember Passwords for Sites” check box if not already selected.

Step 5 – Log into a website that requires a username and password. Choose the “Remember” menu button on the subsequently displayed dialog box to save a new password in the FireFox Password Manager. Alternatively, you can choose the “Never for This Site” menu option to add an exception to the Password manger.

Step 6 – Choose the “Exceptions” menu button in FireFox to view the current exception list that the web browser is configured to never save a password. Sites can be removed from this list by clicking the “Remove All” menu button (removes all exceptions) or individually by selecting a site and choosing the “Remove” button.

Step 7 – View the saved passwords in the Password Manager by selecting the “Saved Passwords” menu button. You can also remove passwords from this window by clicking the “Remove All” or “Remove” menu buttons.

Steps to Change the FireFox Password Manager Master Password

The FireFox master password is used to protect the master key for the FireFox browser on your computer. The master key is used to encrypt email passwords, web site passwords, and other potentially sensitive information stored by the Form and Password Manager on your computer.

Step 1 – Launch Mozilla FireFox by double clicking the program icon.

Step 2 – Select the “FireFox” menu button, then click the “Options” menu choice, and choose the “Security” tab.

Step 3 – If the “Use a master password” checkbox is not selected you don’t have a master password. If it is selected then click on the “Change Master Password” button.

Step 4 – Enter your current password, and then in the fields below enter and re-enter the new password you wish to set.

How to Recover Passwords Hidden Behind Asterisks

A common problem that arises for end-users is determining what passwords are saved by their web browser if they do not have access to the Password Manager or equivalent application on their computer. The BulletsPassView utility is one of the most used freeware applications capable of performing this task. The program is a tool that is designed to reveal the passwords stored behind the asterisks in the standard password text box on the Windows operating system and Internet Explorer web browsers.

Improvements made to the BulletsPassView application from the legacy Asterisk Logger utility include support for Windows 7/8/Vista, support for Internet Explorer password text boxes, improved command line support, Unicode support to properly capture non-English language passwords, and not revealing the password inside of the password text-box itself (inside of the main window of the application only). The new version of BulletsPassView does have limitations; however, as it is not able to retrieve passwords displayed in the Chrome, FireFox, or Opera web browsers as well as the network and dial-up passwords on Windows. This is due to the fact that these applications do not save the password stored behind the asterisks to improve security.

Steps to Use BulletsPassView

Step 1 – Download the appropriate version of BulletsPassView for your computer. Please note that if you are using a 64 bit Windows computer there is a different version of the software than for 32 bit computers. You can tell if your Windows computer is a 64 bit by selecting “Start,” “Control Panel,” and “System” menu options and the OS type will be listed about half-way down the subsequently displayed screen.

Step 2 – Double-click the executable file downloaded to launch the application. The BulletsPassView program does not require an installation process. On launch, the program will make a first scan to locate any password text-boxes actively displayed and show the result on the program’s main window.

Step 3 – Open a website in Internet Explorer that has a password saved which you need to recover. Then click the “Refresh” menu button on BulletsPassView or press the “F5” key on your computer to display the password. Alternatively, the application supports an “Auto Refresh” option that is selectable under the “Options” menu to automatically scan for new passwords every few minutes.

Step 4 – Open the Windows command prompt by selecting the “Start” menu button and entering “CMD” in the search text field. Then, enter the fully qualified path to the BulletsPassView application and include “/stext <Filename>” followed by pressing the “Enter” key. This will save the list of passwords currently displayed on the computer’s screen to save the information in a simple text file.

BulletsPassView Command Line Options

BulletsPassView supports a number of command line options to save on-screen data into a number of formats to include text, XML, HTML, CSV.

/stext <Filename>       Save the list of bullet passwords into simple text file.

/stab <Filename>         Save the list of bullet passwords into a tab-delimited text file.

/scomma <Filename> Save the list of bullet passwords into a comma-delimited text file (csv).

/stabular <Filename>   Save the list of bullet passwords into a tabular text file.

/shtml <Filename>      Save the list of bullet passwords into HTML file (Horizontal).

/sverhtml <Filename>  Save the list of bullet passwords into HTML file (Vertical).

/sxml <Filename>        Save the list of bullet passwords into XML file.

 

Find Stored Passwords Using Cain & Abel

Cain & Abel is able to disclose or recover stored passwords on computers using the Windows operating system (OS). The application is distributed as freeware and includes the capability to conduct password-box revealing, network sniffing, brute-force, and dictionary attacks. The application does not exploit software bugs or vulnerabilities to ensure a higher quality of service. The primary purpose of the software is to simplify the recovery of passwords and credentials for network administrators, security professionals, and security software vendors. The current version of the software is faster than previous versions and provides support for encrypted protocols such as SSH-1 and HTTPS.

Find Stored Passwords in ZIP Files Using ALZip

ALZip is freeware produced by ESTSoft and is designed to recover lost or forgotten passwords from ZIP files. ALZip allows end-users to compress, uncompress, and recover lost passwords for zip file archives. The application has a “Password Recovery” menu option that when selected will recover the lost information for the end-user.

Other Popular Password Recovery Tools

Some of the other popular password recovery tools found are the freeware utilities produced by NirSoftFreeware, Ultimate ZIP Cracker, and the Password Recovery Tool for MS Access 1.

NirSoftFreeware has a number of handy freeware utilities for recovering lost passwords from IE, Outlook, and various Instant Messaging clients.

Ultimate ZIP Cracker (shareware from VDGSoftware) recovers passwords from ZIP, ARJ, MS Word, and MS Excel formats. The program supports Brute Force attacks, Smart, Dictionary, Date, and Customized searches when recovering passwords associated with the supported file formats.

Password Recovery Tool for MS Access 1 (from Hongxin Technology & Trade) is a free tool to recover MS Access passwords. The application provides support for MS Access database files through the 2003 version. The ability to recover passwords for newer versions of Access is not stated to be supported.

tvchrome

Google Chrome, a browser built on the Blink layout engine that aims to be minimalistic and versatile at the same time, is now at version 31.0.1650.26 Beta.

After the release of a development and stable version, a new Google Chrome Beta is now available, bringing a few much needed changes and improvements.

According to the announcement, a “kiosk_only” manifest attribute has been added for platform apps, a content switch has been added to turn off unprefixed MediaSource API, a wrong policy used for secondary users has been corrected, a tablet layout regression has been corrected, and much more.

A complete list of bug fixes and changes can be found in the official changelog.

Download Google Chrome 31.0.1650.26 Beta for Windows
Download Google Chrome 31.0.1650.26 Beta for Mac OS X
Download Google Chrome 31.0.1650.26 Beta for Linux