P U B L I C B E T A R E L E A S E ( aka BETA-5 )
Contents
Silly Documentation
Advanced Usage
Contact Me
Credits
History
Footnotes
WHY? .... RAHacker can be looked upon as a tool to play with and as a
laboratory to learn about CRCs. You can use it to test your own
passwords: are they safe from lexicon hacking? For how long can they
withstand a brute-force attack? You will see that a badly chosen
password can be breached in seconds, while a good password may survive
even the most intent hacker[1]. I said 'may', because a password stored
as a CRC32 checksum is reduced from any length down to just four bytes
(characters), and as you may gather from that: - many passwords
have the same CRC! - this is important, because if you choose a password
of 20 characters, it may have an equivalent in just five characters, and
thus can be easily cracked.
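The "many passwords have the same CRC" point above, as an added example that is not part of the original documentation or of RAHacker's source. It assumes the stored value is the zlib CRC-32 of the uppercased password (the page only says "CRC32"); the function names and the randomly generated candidate passwords are constructed for illustration.

```python
import random
import zlib

ASCII_SET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # AsciiSet from the sample RAHACK20.INI
CRC_SPACE = 2 ** 32                        # a CRC32 can only take this many values


def stored_value(password: str) -> int:
    """Assumed storage scheme: CRC-32 (zlib polynomial) of the uppercased password."""
    return zlib.crc32(password.upper().encode("ascii"))


def passwords_per_checksum(length: int, alphabet: str = ASCII_SET) -> float:
    """Average number of distinct passwords of this length that share one CRC32."""
    return len(alphabet) ** length / CRC_SPACE


def find_collision(length: int = 8, seed: int = 1, limit: int = 2_000_000):
    """Birthday search over constructed random passwords.

    Returns (pw_a, pw_b, crc) for two different passwords with the same
    stored value, or None if no pair shows up within `limit` candidates.
    With only 2**32 checksum values a pair is expected after roughly
    80,000 candidates, far fewer than the keyspace size suggests.
    """
    rng = random.Random(seed)
    seen = {}  # crc -> first password observed with that crc
    for _ in range(limit):
        candidate = "".join(rng.choices(ASCII_SET, k=length))
        crc = stored_value(candidate)
        other = seen.setdefault(crc, candidate)
        if other != candidate:  # same checksum, different password
            return other, candidate, crc
    return None


if __name__ == "__main__":
    for n in (5, 6, 7, 8, 20):
        print(f"length {n:2d}: {passwords_per_checksum(n):.3g} passwords per CRC32 value")
    found = find_collision()
    if found:
        a, b, crc = found
        print(f"{a!r} and {b!r} both store as {crc:08X}")
```

From seven uppercase letters upward there are more possible passwords than checksum values, so extra length stops adding strength; a system storing passwords needs a salted, deliberately slow password hash rather than a checksum.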
When RAH starts it will look for a file called RAHACK20.INI - its
configuration file.
BadPassFile =
ReportFile = RAHACK20.RPT
Lexicon = WORDLIST.TXT
UserFile = USERS.BBS
BarColor = 46
AsciiSet = ABCDEFGHIJKLMNOPQRSTUVWXYZ
PassSeparator = ""
-- 8< ------ 8< --- snipp --- 8< -----
Explanation.
SOUND YES/NO
Beep when passwords found?
AUTOSAVE YES/NO
Save snapshot when password found?
UPPERPASSWORD YES/NO
Should be set to YES if you are hacking RA Passwords. Only change this
if you _REALLY_ know what you are doing!
BADPASSFILE <filename>
All found passwords will be saved in this file. Make sure you do not use
this file as input at the same time. This function may be very bugged,
use with care.
REPORTFILE <filename>
Standard filename for reports
LEXICON <filename>
Path and filename of your lexicon
USERFILE <filename>
Path and filename of the default userfile.
BARCOLOR 0-255
Color of the selector bar. (Bra Att Ha(TM) Funktion ;-=)
ASCIISET Characterset
Default valid characters for bruteforce attack.
PASSSEPARATOR Character
Character to insert between words in CombiLexicon attack,
usually set to " " or "". Notice that it _does_ say
passseparator with THREE 's':es .. sigh...
When the userfile has been loaded you will be faced with a list of
all users, it looks something like this:
You should see a selector bar positioned on the first user. This is the
"main" command-center, here you inspect users, choose which should be
attacked etc... You can 'tag' (aka mark or flag) a user by pressing
'INSERT', you will notice a little 'flag' appearing on the left when
you do so. Okay, try tagging a couple of users and press 'ENTER'.
I have chosen three users to hack, myself amongst them :), anyway, you
just enter a password and it will be encrypted and tested on every
tagged user when you press enter, if you guessed correctly .. Blaammm!
You got him! :-)
"Does this not impress you?" as David Copperfield would have said, well
I thought not. Although quite fun, hacking by hand is not very efficient,
but more on that later.
In most of my dialogboxes you must press 'ESC' to escape back one level,
("I will say this only once, so listen carefully" ;)
F2 Report
F3 Tag
F4 Load
|F5 Save
|
| Create a snapshot of your current progress (tagged users, passwords
| hacked etc...) Once a USERS.BBS file has been snapshot:ed you don't
| really need it any more, not for hacking it anyway. New in Beta-5
| is the ability to save under a different name (ALT+F5), this can be
| used in case of an emergency when you don't want to overwrite the old
| snapshot. Remember, RAH will still only look for and load RAHACK20.DAT
| you've got to rename any other snapshot file if you want to load it..
F7 Search
Enter a searchstring, RAH will scan the userlist for a match, both
on name, handle and password. Press ALT+F7 to continue a search.
F8 Hack!
ALT+F8/F9 Export/Import
You can export the userbase to a plain ascii file. I've implemented
the Export function to aid 3rd party developers and persons developing
tools in the same category as this program. Import can be used to
read other userlists than RA, this means that this program can be
used to attack _ALL_ sorts of CRC32 codes. All you have to do is
write a converter from the 'original file format' to this simple
format that RA-HACKER can import.
F10 Quit
Guess what? RAHacker will close down. Note: You will be asked if you
are sure you want to exit, make sure you have saved your progress or
you may lose many hours of work.
|ALT+F10 Shell
|
| Shell to DOS with a minimum of memory available (no swapping)
| Might come in handy ... or something.. I don't know!
There are more keys you could try, for instance you can see some
debug-information if you press TAB, and you can change the password
of a user by pressing CTRL+ENTER. There are also two undocumented
functions which are undocumented just because they are extremely
"beta:ish" and you really don't need them anyway, trust me on that.
| *  6000 Kristoffer+--------------------------------------+ | |
| *  6000 Gunnar Ret|                                      | | |
| *  6000 Fredrik Ni|  Start Lexicon Attack                | | |
|    1000 Peter Fors|                                      | | |
|    5000 Robert Ris|  Start Num-Counter Attack            | | |
|     100 Magnus Ste|                                      | | |
|     100 LarS eRlAn|  Start Alpha-Counter Attack          | | |
|     100 Patrick An|                                      | | |
|    1000 Christian |  Start User/Handle Attack            | | |
|    1000 Jonas Nils|                                      | | |
|     100 Andreas We|  Start Random String Attack          | | |
|     100 Roger Vuol|                                      | | |
|    1000 Thomas Tyd+--------------------------------------+ | |
LEXICON ATTACK
Starting password is just that, make sure that only characters defined
as valid (see below) are used. NOTE: There is always one 'invisible'
character last on this string, thus if you enter 'A' the first string
to be tested will be 'AA', this is a speed optimization, the last character
will never be saved as it is used in a tight loop that always goes
all the way through the set. Okay, so it's a little technical mumbo-jumbo,
just keep in mind that you usually would NOT want to change the starting
password, but if you do you must be aware of this.
Ending Password should usually not be tampered with, I didn't even feel
like implementing it, but I did. You can guess what it's used for.
Press ESC when you are done, you will probably be faced with this dialog:
This needs a little explanation. RAH will keep track of the 'highest'
ascii string tested as a password on each user. This is done so that you
will not have to do redundant hacking. Well, this is not exactly
fool-proof. If you for example remove some characters from the valid
characters definition you will 'disturb' these high-marks. I have
chosen to solve this in a quite drastic manner; I simply zero all
highmark pointers if you redefine the valid characters. This _may_
change in future versions, but that's not very likely.
Okay... when you are done with your settings you can choose 'Start
BruteForce attack' ... this will pop-up
RAHacker will start the bruteforce attack. The progress information can
be updated by pressing 'SPACE'. You will be notified when a password
is found. If sound isn't set to 'OFF' in the inifile you will also
hear a little beep. The attack will continue until all users have been
hacked or the password reaches 'ending password' as discussed earlier.
USER/HANDLE ATTACK
Some users are _really_ stupid. I mean that, either they do not care about
their passwords or they are utterly ignorant... or possibly a little of both.
This attack method is aimed at those kinds of [l]users. U/H attack will
try the following as a password against all users:
This is a very quick attack, and you need not supply any parameters.
It's not very efficient, but who knows, you may get lucky.
(Though for the next version, add 'Location' and 'Phonenumber' to the list
above...)
Stupid attack. Can be used if you run a brute force attack on one computer,
and this one on another in parallel.
Yes it is.
"no it ISN'T!".
Yes it is!.
"NO it IS NOT!".
Y E S I T I S!
Okay, so it isn't working then - fix it! (It works for me, that implies
that it should work on all MS-DOS running machines in the universe :-)
No! It is NOT standing still when you do not press space. You use space to
UPDATE the screen, not to keep the program running... <stupid users.. hurm>
And -YES- autosave of hacked words into separate lexicon will fuck up if
you run SHARE. Hu, I don't care.. filesharing/filemodes sucks ... Fix it
yourself instead of whining about it..
PS
Crippleware SUCKS!
This is free to spread and use as long as you include this documentation,
the configuration file(s) and do not alter the executable or anything
else. This program may not be used by Lasse B Lundin, Bror Hellman or
Bo Bendtsen.
You may distribute "hacked" versions based on the included sourcecode - but
you may only do so if you ALSO include the _UNMODIFIED_ SOURCE.ZIP file
*AND* the original SRM_PGP.ZIP *AND* The full source of your version.
[1] I have chosen to use the word "Hacker" in this documentation,
but I know that some may object to that use, I know I do.
[2] No! That has _nothing what so ever_ to do with breaking into cars.
END_OF_DOCUMENTATION