Update JBrute v-0.93 : Open Source Security tool to audit stored and hashed password.

changelog v0.93:
Date: 11/09/2013
Fixes:
——
_ Error in encrypt main parameter with chained case (wrong encryption in
chained algorithms with non-default case)
_ Default character set changed to “loweralpha”.
_ Now JBrute notifies you if it is using the default character set.
_ Error when format of Oracle10g hash is incorrect.
_ Error if format of PostgreSQL hash is incorrect.
_ Error if format of MSSQL-2000 hash is incorrect.
_ Error if format of MSSQL-2005 hash is incorrect.
_ Error if format of MSSQL-2012 hash is incorrect.
_ Improve performance on MYSQL-411 algorithm (3 times faster than last
implementation).
_ Changed MYSQL-411 hash format: you must not specify the ‘*’ character at
the beginning of the hash.
_ Format of number of hashes per second in test mode changed. If number >
1000000, the last 3 digits will be replaced
with the “K” character. (so: 2500000 would be 2500K).
_ Improve performance for hashed special algorithms (by SpecialAlgorithm
class and MyMEssageDigest class).
_ Correct Sybase name algorithm (before JBrute knows it as SYSBASE-1502,
now is SYBASE-ASE1502).
_ Correct minor bug about case of username (salt) in POSTGRESQL algorithm.
_ Correct error when trying to decrypt a MD5CRYPT hash (both brute and
dictionary methods).
New Functionalities:
——————–
_ New main parameter “–expected”, that shows examples of the formats
expected for each supported algorithm.

 

jbrute_test
JBrute is an open source tool written in Java to audit security and stronghold of stored password for several open source and commercial apps. It is focused to provide multi-platform support and flexible parameters to cover most of the possible password-audit scenarios.
Java Runtime version 1.7 or higher is required for running JBrute.

Supported algorithms:
MD5
MD4
SHA-256
SHA-512
MD5CRYPT
SHA1
ORACLE-10G
ORACLE-11G
NTLM
LM
MSSQL-2000
MSSQL-2005
MSSQL-2012
MYSQL-322
MYSQL-411
POSTGRESQL
SYSBASE-1502

Features

  • Muli-platform support (by Java VM)
  • Several hashing algorithms supported
  • Flexible chained hashes decryption (like MD5(SHA1(MD5())))
  • Both brute force and dictionary decryption methods supported
  • Build-In rule pre-processor for dictionary decryption
  • Multi-threading support

Installation:
————-

There is no need to install JBrute, just execute “jbrute.bat” if you are using
windows platform, or “jbrute.sh” if you are using *nix platform.

Download : JBrute_v0-93.zip (101.5 kB) 
Find Other Version |
Sources : http://seclists.org/fulldisclosure/2013/Sep/104?utm_source=twitterfeed&utm_medium=twitter
Our Post Before : http://seclist.us/jbrute-v-0-92-beta-first-release-open-source-security-tool-to-audit-stored-and-hashed-password.html