UnSecure Documentation.
f5a118c8da6a89ff85bc3e7669c91aecdec755310ee9cf28cb5230512e508dad<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="GENERATOR" CONTENT="Mozilla/4.03 [en] (WinNT; I) [Netscape]">
<TITLE>SniperX.net - UnSecure
</TITLE>
</HEAD>
<Body bgcolor="000000" text="AAAAAA" link="E0E0F0" vlink="B0B0E0">
<CENTER>
<H1>
<IMG SRC="unsecure.jpg" ALT="UnSecure v1.2" > <BR>
Documentation</H1></CENTER>
<CENTER>
<H4>
<p>
<BR>
*****************************************************************************
<BR>
<BR>
UnSecure
<BR>
ver 1.2
<BR>
<BR>
Copyright (c) 1998 SniperX, All rights reserved
<BR>
<BR>
For news and updates visit www.SniperX.net
<BR>
<BR>
*****************************************************************************
<BR>
Contents:
<BR>
<BR>
1. Introduction
<BR>
<BR>
2. Using UnSecure
<BR>
a. Basic Information
<BR>
b. Interface
<BR>
c. Attack Methods
<BR>
<BR>
3. Technicalities and Theory
<BR>
<BR>
4. Contact Info
<BR>
*****************************************************************************
<BR>
<BR>
Check at www.sniperx.net for updates on docs and such.
<BR>
<BR>
1. Introduction
<BR>
<BR>
Most people believe the Internet is secure and near impossible to break into. Since we know
<BR>
differently, we decided to provide means for everyone to experiment with the Internet's
<BR>
Security. Through UnSecure, the world will gain a better idea on whether or not they're safe.
<BR>
<BR>
UnSecure is a Brute Forcing program to exploit flaws with the worlds current Internet
<BR>
Security. This program is able to try every possible password combination, and pinpoint the
<BR>
users password. UnSecure can currently break into most Windows 95/98, Windows NT,
<BR>
Mac, Unix and other OS servers with or without a firewall. Some people say the time to
<BR>
Brute Force a server can take years. This is not true considering the way
<BR>
hardware is being sped up.
<BR>
<BR>
Unfortunately we also both know that the average users password is 6
<BR>
lowercase characters.
<BR>
<BR>
<BR>
2. Using UnSecure - Click connect to start!
<BR>
<BR>
2a. Basic Information
<BR>
<BR>
UnSecure is primarily meant to be used over a network connection,
<BR>
yet is able to work with a modem connection as well. On a Pentium 233,
<BR>
UnSecure will go through a 37,000 word dictionary in under 5 minutes when
<BR>
attacking locally. UnSecure will run over a modem, but not nearly as fast
<BR>
as over a LAN.
<BR>
<BR>
NOTE : More than one instance of UnSecure will run at a time, without
<BR>
slowing down the other instance(s) a great deal. Although there is not
<BR>
an existing feature to do so automatically, you may run this program
<BR>
more than once on the same host, at the same time, starting on different
<BR>
password combinations. UnSecure is not cpu intensive.
<BR>
<BR>
2b. Interface
<BR>
<BR>
Examples :
<BR>
The computer name or IP : ftp.xxxxxxxxx.com or mail.xxxxxxxxx.com or x.x.x.x
<BR>
Port : 110 for most mail servers. 21 for most ftp servers.
<BR>
Username : The name of the user that you wish to pose as.
<BR>
Password : You can leave this the way it is.
<BR>
Reconnect: Some servers will disconnect you if you make x number of incorrect
<BR>
tries. The reconnect option tells UnSecure to automatically reconnect
<BR>
if the remote host does disconnect you.
<BR>
Autosave : This option, when enabled, auto saves your session (all current info.)
<BR>
as a file called autosave.uns.
<BR>
<BR>
*NOTE* You CAN save a session while attacking.
<BR>
<BR>
2c. Attack Method
<BR>
<BR>
UnSecure uses two methods to accomplish its task. A dictionary attack, and a brute
<BR>
force attack. A dictionary attack meaning you have a file containing all of the words
<BR>
and combinations you choose, seperated by spaces or crlf's (carrage return/
<BR>
linefeed's) to use as guesses.
<BR>
<BR>
The brute force method will allow you to try all possible password
<BR>
combinations using the characters you specify (a-z, A-Z, 0-9, and special).
<BR>
You may also use a custom character set.
<BR>
<BR>
Custom brute force characters : A character set you make up... ex : if you put
<BR>
ab3... It will try all combinations with the characters a, b and 3.
<BR>
<BR>
<BR>
3. Technicalities and Theory
<BR>
<BR>
This idea is based on a well known attack, but has never been exploited like this. Never has
<BR>
there been a program that allowed anyone to practice this kind of attack.
<BR>
<BR>
The program should have a fairly decent client computer, on which UnSecure is running.
<BR>
The bandwidth is the main slowdown. UnSecure has a far greater potential than what has been
<BR>
described here. For our examples, we used Pentium 233's. Imagine the speed difference if the
<BR>
client and host were Pentium II 400Mhz's on a 100Mbit connection.
<BR>
<BR>
<BR>
4. Contact Info
<BR>
<BR>
From now on, please only contact the following addresses.
<BR>
<BR>
guns@sniperx.net
<BR>
unsecure@sniperx.net
<BR>
www.sniperx.net
<BR>
<BR>
Greets go to :
<BR>
<BR>
The L0pht
<BR>
<BR>
MilW0rm
<BR>
<BR>
All the Kevins
<BR>
<BR>
And, our favorite...
<BR>
<BR>
Bill!
<BR>
<BR>
This program is deticated to the U.S. goverment and all the others
<BR>
who just don't get it.
<BR>
</p>
<BR>
Last updated : June 11, 1998
</HTML>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed