NETCRACK Release 1.02 ======================== by Jim O'Kane 443 Virginia Ave. Winchester, VA 22601 (v) [703] 722-9751 =========================== DISCLAIMER ================================== THIS PROGRAM IS FOR DEMONSTRATION AND DIAGNOSTICS ONLY! ANY USE OF THIS PROGRAM TO CAPTURE PASSWORDS OR GAIN UNAUTHORIZED ACCESS TO NETWORKS IS PROHIBITED BY FEDERAL LAW! ========================================================================= INTRODUCTION ========================================== April, 1992 ===== Hi, Folks! This is a third and maybe final public release of the NETCRACK program I wrote back in 1990. I don't think there will be another one because it can get too many people in too much trouble. SUMMARY OF NETCRACK ===================================================== This version, as in the previous ones, runs a sequential check of alphanumeric characters [0..9,A..Z] from "A" to "99999999" to spot a verified NetWare password for a given user name. The process uses the NetWare Bindery call Verify Bindery Object Password (Function E3h, Code 3Fh). This function works from any network terminal where IPX and the NetWare shell has been loaded You do NOT need to be logged in to run this program! Just type NETCRACK and a valid User Name. NEW THIS VERSION ======================================================== The biggest change from 1.01 is the addition of the test to see if Intruder Detection is active on the Network. Previously, NETCRACK would blindly continue asking the network for verification while it had already blown I/D. Now, if Intruder Detection is ON, NETCRACK aborts and reports back on the I/D state. 1.02 still does not test for valid User Name. If you key in the wrong User Name, the program will go off on its merry way, trying to verify on a user who isn't there. A quick sign of this is when the password test incrementation goes into warp speed from its usual pace. If that happens, just press a key and try again. PROTECTING YOURSELF FROM NETCRACK ======================================= One easy way to protect yourself is: TURN ON INTRUDER DETECTION NOW! Another way is to use non-alphanumerics in your password, like or or . Make your passwords complicated, long, non-word formatted, and CHANGE OFTEN! Take your network DOWN every weekend to knock off Monte Carlo-type programs like this one. WHY WOULD ANYONE WRITE A PROGRAM LIKE THIS? =============================== The point of this stupid program is that your network could be wide open to people just like you who have access to a program like this. NetWare is not the be-all and end-all for the security needs of a network. Dumb stuff, like the fact that Intruder Detection may default to "OFF" when your network was set up, or the fact that you let people plug in laptops that can run a slow program like this for DAYS until they get the password - - this kind of thing happens all over the world because network administrators buy the installer's line that your network is impregnable. Don't believe it. This program is deliberately crippled. It runs slow so you can catch it. It does not look for all permutations of a password. But it is DANGEROUS if you are a sloppy Network Administrator. Don't ever forget that there are programs out there that can run as silently as this one, only much faster and meaner. If you are a network user, show this program to your Administrator and ask if you are protected from programs like this. If you find that Intruder Detection is OFF, have your Administrator examine the console screen. This program will show NO activity under MONITOR while it is busy cracking passwords. Then take the Administrator back to your machine and mention that this program could have just as easily been written as a TSR and not even show up on your workstation. Admininstrators NEED to be scared about programs like this. OF COURSE... ============================================================== Version 1.0 of this program was unintentionally released to the free world gratis. However, since I've devoted a lot of long-distance calls back to users, I am requesting a $20 donation for this version, if you use it much. Please forward it to: Jim O'Kane 443 Virginia Ave. Winchester, VA 22601 USA Thanks for your support. If you have questions, go ahead and call me. [703] 722-9751.