home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
SuperHack
/
SuperHack CD.bin
/
Hack
/
UTILS
/
XIT20.ZIP
/
XIT.TXT
< prev
next >
Wrap
Text File
|
1994-01-01
|
6KB
|
129 lines
╔════════════╗
║ [XiT] v2.0 ║ (C) Copyright 1993, 1994 XCrypt Productions
╚════════════╝ Written by Roche'Crypt / Feb.94
QUICK START
═══════════
Ok, you have your 'passwd' and a dictionary files, right? From the DOS
prompt, just type:
XIT PASSWD MYDICT.TXT
No need to say that you are to substitute PASSWD and MYDICT.TXT for
the appropiate filenames you are going to use.
XIT is a batch file that will do the following:
- Extract all encrypted passwords from the passwd file, and save them
on a temporary file.
- Sort this file (to speed up the cracking process and take advantage
of different passwords using the same salt).
- Run the cracker program (XITx.EXE)
- Create a STATUS and REPORT files, showing results and statistics of
the session. This information will also be displayed on the screen.
NOTES
═════
* XiT creates some temporary files. While these files are generally small,
make sure there is enough space in your drive, i.e. don't run XiT on a
floppy with only a few K free. No need to say that running XiT from a HD
is highly reccomended. A disk cache will also help to improve speed,
although there is no big deal of difference if you don't use any.
XiT will get rid of those files before exiting the program.
* To restore a previously aborted session, just write down the last word
processed in the last session (which is also in the STATUS file) and use
the option -S when calling XIT.BAT. If, for example, the last word
processed was 'foobar', you would call XIT like:
XIT passwd dictio -Sfoobar
This will make XiT to skip all words in the dictionary until it finds
'foobar', and continue cracking from that point. Note there are NO
spaces between the -S switch and the word.
* XIT2.EXE is for 286 computers, and XIT3.EXE is for 386 or better. By
default, XIT.BAT calls the 386 version. If you have a 286, edit XIT.BAT
and change XIT3 to XIT2 in the line 19.
WHAT'S NEW?
═══════════
- Got rid of all the crappy, useless docs. If you still want them
(they explain step by step what each module does and how), send
me mail.
- Added the SPACEBAR option to display status line.
- Optimize the code for better speed.
- Full C source code of the main executable file (XIT*.EXE) released
And that's all. If you happen to know how to create a global/static table
of more than 64k using Borland C 3.1, and know how to contact me, I would
appreciate you let me know. That's all I need to speed up XiT to incredible
limits! Hmm... I've gotta get my hands on that GNU compiler.
WHY ANOTHER PASSWORD CRACKER?
═════════════════════════════
I wrote this program for just one reason: as a small programming challenge
and study of the UNIX crypt(3) function. By releasing full source code of
the main module (xit.exe), I expect that others will learn (some will
laught), study the code, play with it, critizise, and maybe improve it.
I'm not really releasing XiT for sysadms to test the security of their
systems, although they can do so if they want. And I am not releasing my
work for other people to crack passwords with obscure purposes in mind
neither. Being an encryption worshipper, I respect both, the rights to
access free information, and the rights for privacy. However, I know that
some people will use it to crack password files. This is something that
can't be avoided (these losers trying to crack some poor user's account
are truly pathetic, anyway). But since there are similar public domain
programs out there already doing this (and they have been for years), I
know I'm not jeopardizing any system or account by releasing XiT.
COMPILING THIS
══════════════
Use Compact memory model. Compile and link XIT.C & CRYPT.C, with XIT.C as
the main module. That's it. I used Borland C/C++ 3.1 to compile it, and
there should be no problems there. Minor changes might be neccesary for
other compilers.
DISCLAIMER
══════════
I expect you to use this program wisely, and for honest purposes only. If
you mess up with other people's accounts and get in trouble, don't blame
me. You asked for it. Next time be more mature and use your time in more
productive ways. Fortunately, nowadays more and more sysadms are using
shadowed passwd files. Leaving the passwd file out there for everyone to
see is like asking "Crack me, please!" and speaks by itself about the
sysadms of that particular site.
If XiT burns out your computer, erases your hard drive or installs Windows
in it, again, don't blame me. Anytime you run XiT or any of its modules,
you assume all the responsibility of whatever might happen. Any results
from manipulating the code and recompiling it are your absolute
responsibility as well. All XiT modules, documentation and source code are
copyright under the US and international laws. You are welcome to modify
the code, send comments, try to improve it, post public and private notes
about it (with or without source) and release your own versions (under a
different name of course) but you MUST CLEARLY include credits where
applicable in both, the program and the documentation (if you release your
code, include it there as well), stating that the original code was
obtained from XiT 2.0 (c) copyright 1993,1994 XCrypt Productions, and
written by Roche'Crypt. And blah blah blah...
HOW TO CONTACT THE AUTHOR
═════════════════════════
I remain anonymous to the general public because I have decided to do so.
Period! If you want to send comments, post them in alt.2600, with the word
XiT in the subject. I read the group on a weekly basis, and even you
probably won't know who I really am, you migth as well be talking to me
already. I might as well answer people's questions throught third parties
using anonymous services and such. If you have something to say about XiT,
post it in alt.2600 and it will get to me.
Roche'Crypt
