Reuters Hacked Again With Hoax of Saudi Arabia's Foreign Minister Saud al-Faisal Death

Reuters Hacked Again With Hoax of Saudi Arabia's Foreign Minister Saud al-Faisal Death 

Yet again Reuters have fallen victim to cyber criminals. A week ago blogging platform of Reuters was compromised and a false interview with a Syrian rebel leader was posted by the hacker on a Reuters' journalist's blog. This time also the same story repeats, this the second time in a single month, which immediately rises questions about Reuters' security concern. A report appeared on the Reuters blog, stating that Saudi Arabia's foreign minister Saud al-Faisal had passed away. The information was phony and the handiwork of hackers who had happily chipped away at Reuters' security system. The false report was immediately deleted. The entire blogs.reuters.com platform remained temporarily down again till Thursday (Aug. 16), later it was restored and came back to its general format. 

Reuters confirmed the attack while saying- "Reuters.com was a target of a hack on Tuesday. Our blogging platform was compromised and a fabricated blog post saying Saudi Arabia's Foreign Minister Prince Saud al-Faisal had died was illegally posted on a Reuters journalist's blog on Reuters.com"

According to experts Reuters had been running the WordPress 3.1.1 version software, instead of the latest 3.4.1 version. It has been indicated that the older version of WordPress has a minimum of 20 reported vulnerabilities."Wordpress and its plug-ins are often targeted by attackers as the wide proliferation of the software makes it a target that provides a lot of bang for the buck for exploit developers," said Marcus Carey of Rapid7. "the blame lies with site owners and administrators who fail to keep up with patches. While updating software is a basic step, there is evidence of a lack of execution in this area." -Carey added

-Source (BBC)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Reuters Hacked Again With Hoax of Saudi Arabia's Foreign Minister Saud al-Faisal Death"https://www.voiceofgreyhat.com/2012/08/Reuters-Hacked-Again.html</a>

‎pcAnywhere Exploit- More Than 200,000 Windows PCs Can Be Hijacked

‎pcAnywhere Exploit More Than 200,000 Windows PCs Can Be Hijacked 

According to a researcher hackers have made pcAnywhere hackers exploiting bugs in the Symantec software which can hijack as many as 200,000 systems connected to the Internet. Also Rapid7 developer of Metasploit confirmed that an estimated 150,000-to-200,000 PCs are running an as-yet-unpatched copy of the Symantec software, and are thus vulnerable to be hijacked by remote attacks, which could commandeer the machine's keyboard and mouse, and view what's on the screen.This bug has been found just after Symantec took the unprecedented step of telling pcAnywhere users to disable or uninstall the program because attackers had obtained the remote access software's source code. According to an exclusive report of Computer World- 

Credit Card Data at Risk:-
About 2.5% of those vulnerable Windows PCs, or between 3,450 and 5,000 systems, are running a point-of-sale system - Windows PCs are often paired with cash registers by small businesses - potentially putting credit card data at risk, said HD Moore, chief security officer at Rapid7.
Moore reached those conclusions by scanning the internet for the TCP port the software leaves open for incoming commands, running more targeted scans for evidence of the remote access software, then using the number of programs that identify themselves as older than the patched editions to estimate the extent of the problem.
Some of the computers returned queries with replies consistent with specific point-of-sale software, Moore said. Point-of-sale software often relies on pcAnywhere for remote support, not for transmitting credit card data, but by exploiting pcAnywhere, a cybercriminal could control the machine and easily harvest the information. "These point-of-sale systems are an attractive target for break-in," said Moore.

Exploitable Bugs:-
DoS attacks can sometimes be leveraged to execute remote code. The source code leak also ups the risk to pcAnywhere users, Moore maintained, even though Symantec has patched some flaws. With the source code at their disposal and the software's problems highlighted in the media, researchers on both sides of the law will spend time looking for vulnerabilities, he said. And some of that research may result in new, exploitable bugs.
An anonymous researcher has already published findings from his examination of the pcAnywhere source code. Although his description on the InfoSec Institute website did not claim any new vulnerabilities, he noted that the source code also revealed the workings of LiveUpdate, the Symantec service used to update much of its software, including its consumer antivirus programs, such as Norton Antivirus. "We now know how their LiveUpdate system works thanks to the included architecture plans and full source code," said the researcher. Symantec did not immediately reply to a request for comment on Moore's research or Norman's DoS proof-of-concept.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">‎pcAnywhere Exploit- More Than 200,000 Windows PCs Can Be Hijacked"https://www.voiceofgreyhat.com/2012/02/pcanywhere-exploit-more-than-200000.html</a>

Metasploit 4.2.0 Released With IPv6 Support & Virtualization Target Coverage

Metasploit 4.2.0 Released With IPv6 Support & Virtualization Target Coverage

Earlier we haev discussed many times about one of the most famous and widely used exploitation framework named Metasploit. Yet again the Rapid 7 released another updated version of Metasploit. This update brings Metasploit to version 4.2.0, adding IPv6 support and virtualization target coverage. You'll also notice a new Product News section and update notification for our weekly updates. Since the last major release (4.1.0), added 54 new exploits, 66 new auxiliary modules, 43 new post-exploitation modules, and 18 new payloads. 

Brief About Metasploit:- 

The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.

Module Changes:-

•     Novell eDirectory eMBox Unauthenticated File Access

•     JBoss Seam 2 Remote Command Execution

•     NAT-PMP Port Mapper

•     TFTP File Transfer Utility

•     VMWare Power Off Virtual Machine

•     VMWare Power On Virtual Machine

•     VMWare Tag Virtual Machine

•     VMWare Terminate ESX Login Sessions

•     John the Ripper AIX Password Cracker

•     7-Technologies IGSS 9 IGSSdataServer.exe DoS

•     Microsoft IIS FTP Server <= 7.0 LIST Stack Exhaustion

•     DNS and DNSSEC fuzzer

•     CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure

•     CorpWatch Company ID Information Search

•     CorpWatch Company Name Information Search

•     General Electric D20 Password Recovery

•     NAT-PMP External Address Scanner

•     Shodan Search

•     H.323 Version Scanner

•     Drupal Views Module Users Enumeration

•     Ektron CMS400.NET Default Password Scanner

•     Generic HTTP Directory Traversal Utility

•     Microsoft IIS HTTP Internal IP Disclosure

•     Outlook Web App (OWA) Brute Force Utility

•     Squiz Matrix User Enumeration Scanner

•     Sybase Easerver 6.3 Directory Traversal

•     Yaws Web Server Directory Traversal

•     OKI Printer Default Login Credential Scanner

•     MSSQL Schema Dump

•     MYSQL Schema Dump

•     NAT-PMP External Port Scanner

•     pcAnywhere TCP Service Discovery

•     pcAnywhere UDP Service Discovery

•     Postgres Schema Dump

•     SSH Public Key Acceptance Scanner

•     Telnet Service Encyption Key ID Overflow Detection

•     IpSwitch WhatsUp Gold TFTP Directory Traversal

•     VMWare ESX/ESXi Fingerprint Scanner

•     VMWare Authentication Daemon Login Scanner

•     VMWare Authentication Daemon Version Scanner

•     VMWare Enumerate Permissions

•     VMWare Enumerate Active Sessions

•     VMWare Enumerate User Accounts

•     VMWare Enumerate Virtual Machines

•     VMWare Enumerate Host Details

•     VMWare Web Login Scanner

•     VMWare Screenshot Stealer

•     Capture: HTTP JavaScript Keylogger

•     Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION

•     Asterisk Manager Login Utility

•     FreeBSD Telnet Service Encryption Key ID Buffer Overflow

•     Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow

•     Java Applet Rhino Script Engine Remote Code Execution

•     Family Connections less.php Remote Command Execution

•     Gitorious Arbitrary Command Execution

•     Horde 3.3.12 Backdoor Arbitrary PHP Code Execution

•     OP5 license.php Remote Command Execution

•     OP5 welcome Remote Command Execution

•     Plone and Zope XMLTools Remote Command Execution

•     PmWiki <= 2.2.34 pagelist.php Remote PHP Code Injection Exploit

•     Support Incident Tracker <= 3.65 Remote Command Execution

•     Splunk Search Remote Code Execution

•     Traq admincp/common.php Remote Code Execution

•     vBSEO <= 3.6.0 proc_deutf() Remote PHP Code Injection

•     Mozilla Firefox 3.6.16 mChannel Use-After-Free

•     CTEK SkyRouter 4200 and 4300 Command Execution

•     Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow

•     Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute

•     HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

•     Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control

•     Java MixerSequencer Object GM_Song Structure Handling Vulnerability

•     MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution

•     MS12-004 midiOutPlayNextPolyEvent Heap Overflow

•     Viscom Software Movie Player Pro SDK ActiveX 6.8

•     Adobe Reader U3D Memory Corruption Vulnerability

•     Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow

•     BS.Player 2.57 Buffer Overflow

•     CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow

•     Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow

•     McAfee SaaS MyCioScan ShowReport Remote Command Execution

•     Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow

•     MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

•     Ability Server 2.34 STOR Command Stack Buffer Overflow

•     AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow

•     Serv-U FTP Server < 4.2 Buffer Overflow

•     HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow

•     XAMPP WebDAV PHP Upload

•     Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow

•     Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow

•     HP Diagnostics Server magentservice.exe Overflow

•     StreamDown 6.8.0 Buffer Overflow

•     Wireshark console.lua Pre-Loading Script Execution

•     Oracle Job Scheduler Named Pipe Command Execution

•     SCADA 3S CoDeSys CmpWebServer <= v3.4 SP4 Patch 2 Stack Buffer Overflow

•     Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57

•     OpenTFTP SP 1.4 Error Packet Overflow

•     AIX Gather Dump Password Hashes

•     Linux Gather Saved mount.cifs/mount.smbfs Credentials

•     Multi Gather VirtualBox VM Enumeration

•     UNIX Gather .fetchmailrc Credentials

•     Multi Gather VMWare VM Identification

•     UNIX Gather .netrc Credentials

•     Multi Gather Mozilla Thunderbird Signon Credential Collection

•     Multiple Linux / Unix Post Sudo Upgrade Shell

•     Windows Escalate SMB Icon LNK dropper

•     Windows Escalate Get System via Administrator

•     Windows Gather RazorSQL Credentials

•     Windows Gather File and Registry Artifacts Enumeration

•     Windows Gather Enumerate Computers

•     Post Windows Gather Forensics Duqu Registry Check

•     Windows Gather Privileges Enumeration

•     Windows Manage Download and/or Execute

•     Windows Manage Create Shadow Copy

•     Windows Manage List Shadow Copies

•     Windows Manage Mount Shadow Copy

•     Windows Manage Set Shadow Copy Storage Space

•     Windows Manage Get Shadow Copy Storage Info

•     Windows Recon Computer Browser Discovery

•     Windows Recon Resolve Hostname

•     Windows Gather Wireless BSS Info

•     Windows Gather Wireless Current Connection Info

•     Windows Disconnect Wireless Connection

•     Windows Gather Wireless Profile

For additional information click Here. To Download Metasploit version 4.2.0 for windows & Linux click Here.

 -Source (rapid7)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Metasploit 4.2.0 Released With IPv6 Support & Virtualization Target Coverage"https://www.voiceofgreyhat.com/2012/02/metasploit-420-released-with-ipv6.html</a>

Videoconferencing System Is Vulnerable, Hacker Can Listen Company's Confidential Discussions

Videoconferencing System Is Vulnerable, Hacker Can Listen Company's Confidential Discussions 

Recent research underscores that insecure video conferencing systems can allow hackers to listen into a company's confidential discussions. 

According to an exclusive article of Robert Lemos, Contributing Editor of Dark Reading:- Last October, security researcher HD Moore scanned about 3 percent of addressable Internet space looking for high-end videoconferencing systems -- the type of systems present in many corporate boardrooms and meeting spaces.
The scan, which took about two hours using a handful of computers, discovered a quarter of a million systems that understood the H.323 protocol, widely used by Internet protocol (IP) communication systems. Using that list, Moore, the chief security officer for vulnerability-management firm Rapid7, used a module for the popular Metasploit framework to "dial" each server, connect long enough to grab the public handshake packets, and then dropped the connection. "Any machine that accepted a call was set to auto answer," Moore says. "It was fairly easy to figure out who was vulnerable, because if they weren't vulnerable, then they would not have picked up the call." Using the information, Moore and Rapid7 CEO Mike Tuchen identified 5,000 videoconferencing systems that were set to automatically answer incoming calls, allowing a knowledgeable attacker to essentially gain a front-row seat inside corporate meetings. Videoconferencing systems that automatically answer incoming calls can be turned on externally by an attacker without attracting the attention of people in the boardroom. In tests on systems in Rapid7's lab, the researchers found that the system could listen into nearby conversations and record video of the surrounding environment -- even read e-mail from a laptop screen and passwords off of a sticky note that was 20 feet away. While the number of vulnerable systems may be small -- about 150,000 across the Internet, Moore estimates -- the technique returned an interesting set of targets, he says.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Videoconferencing System Is Vulnerable, Hacker Can Listen Company's Confidential Discussions"https://www.voiceofgreyhat.com/2012/01/videoconferencing-system-is-vulnerable.html</a>

Metasploit Pro (Community Edition of Metasploit)

US security company Rapid7 has announced the launch of a Community Edition of the popular Metasploit exploit framework. According to Rapid7 Chief Security Officer and Metasploit Creator HD Moore, "The best way to tackle the increasing information security challenge is to share knowledge between practitioners, open source projects and commercial vendors."

The Community Edition is free for personal and professional use, combining the open source version of the framework with several of the features found in Metasploit Pro, to provide "an entry-level response to the evolving threat landscape". It includes "a basic version" of the commercial graphical user interface which is aimed at making it easier for users to get started with vulnerability verification and security assessments.

According to Rapid 7:-

Metasploit Pro helps enterprise defenders prevent data breaches by efficiently prioritizing vulnerabilities, verifying controls and mitigation strategies, and conducting real-world, collaborative, broad-scope penetration tests to improve your security risk intelligence.

Prevent data breaches:-

Metasploit Pro helps you improve your enterprise vulnerability management program and test how well your perimeter holds up against real world attacks:

• Identify critical vulnerabilities that could lead to a data breach so you know what to patch first
• Reduce the effort required for penetration testing, enabling you to test more systems more frequently
• Discover weak trust models caused by shared credentials that are vulnerable to brute forcing and harvesting
• Locate exposed, sensitive information with automated post-exploitation file system searches

Prioritize Vulnerabilities:-

Metasploit Pro makes your security and operations team more efficient because it helps you prioritize the vulnerabilities reported by your vulnerability scanner:

• Import vulnerability management reports from more than a dozen third-party applications and verify their findings to eliminate false positives
• Integrate with your in-house Nexpose infrastructure to kick off new scans and access real-time vulnerability findings (requires Nexpose)
• Focus on remediating critical vulnerabilities to reduce exposure and reduce mitigation costs
• Prove exploitability to application owners to expedite remediation

Verify controls and mitigation efforts:-

Metasploit Pro helps you verify that your remediation effort, such as a patch, new firewall rule or IPS configuration, actually stops the vulnerability from being exploited.

• Re-run exploits after mitigation to verify its effectiveness in preventing a data breach
• Enable the IT operations team or your client to verify whether controls and mitigations were successful by handing them a replay script that re-traces the steps you took to exploit the vulnerability
• Draw on the Nexpose vulnerability database to read up on ways to remediate vulnerabilities (requires Nexpose)

For more information about Metasploit Pro Click Here

To Download Metasploit Click Here

-News Source (Rapid 7)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Metasploit Pro (Community Edition of Metasploit)"https://www.voiceofgreyhat.com/2011/10/metasploit-pro-community-edition-of.html</a>

John the Ripper 1.7.8

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes.



What is new in John the Ripper 1.7.8 :-


The bitslice DES S-box expressions have been replaced with those generated by Roman Rusakov specifically for John the Ripper.  The corresponding assembly
code for x86 with MMX, SSE2, and for x86-64 with SSE2 has been re-generated. For other CPUs and for AVX/XOP, C compilers do a reasonably good job of generating the code from the supplied C source files (with intrinsics where relevant).  The S-box expressions that we were using before had a 21% larger gate count, so theoretically this could provide a 21% speedup.  In practice, though, a 12% to 14% speedup at DES-based crypt(3) hashes is typical. This effort has been sponsored by Rapid7
Corrected support for bcrypt (OpenBSD Blowfish) hashes of passwords containing non-ASCII characters (that is, characters with the 8th bit set). Added support for such hashes produced by crypt_blowfish up to 1.0.4, which contained a sign extension bug (inherited from older versions of John). The old buggy behavior may be enabled per-hash, using the “$2x$” prefix.
The external mode virtual machine’s performance has been improved through additional multi-op instructions matching common instruction sequences
(assign-pop and some triple- and quad-push VM instructions were added).
A few minor bug fixes and enhancements were made.


This release comes with an 17% improvement in gate count for the Data Encryption Standard (DES) algorithm by generating different S-box expressions targeting both typical CPUs with only basic instructions and CPUs/GPUs that have “bit select” instructions.


Download John the Ripper v1.7.8  HERE

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">John the Ripper 1.7.8"https://www.voiceofgreyhat.com/2011/06/john-ripper-178.html</a>

Unpatched DLL bugs let hackers exploit Windows 7 and IE9

Although Microsoft has patched multiple DLL load hijacking vulnerabilities since last summer, Windows and Internet Explorer 9 (IE9) can still be exploited, a security company warned today.

Microsoft confirmed that it's investigating the claims by Slovenia-based Acros Security.

Researchers from Acros will demonstrate the new attacks at the Hack in the Box security conference in Amsterdam later this month.

"We'll reveal how IE8 and IE9 can be used on Windows 7, Vista and XP for attacking users without any security warnings, even in 'Protected mode,' and how to remotely make many seemingly-safe applications, for example, Word 2010 and PowerPoint 2010, vulnerable," said Acros CEO Mitja Kolsek in a Friday email.

The attack class called "DLL load hijacking" by some, but dubbed "binary planting" by Acros, jumped into public view last August when HD Moore, the creator of the Metasploit penetration hacking toolkit and chief security officer at Rapid7, found dozens of vulnerable Windows applications. Moore's report was followed by others, including several from Kolsek and Acros.

Many Windows applications don't call DLLs using a full path name, but instead use only the filename, giving hackers a way to trick an application into loading a malicious file with the same title as a required DLL. If attackers can dupe users into visiting malicious Web sites or remote shared folders, or get them to plug in a USB drive -- and in some cases con them into opening a file -- they can hijack a PC and plant malware on it.

Since Moore's original report, Microsoft has issued 13 DLL load hijacking-related updates stretching from November 2009 to last month, when it patched a pair in Office and Visual Studio as part of a massive 64-fix update.

But the Redmond, Wash. developer has not closed all the holes in its software, said Kolsek today.

In a blog post, Kolsek outlined still-available DLL load hijacking attack vectors, including one that works against any copy of Windows XP, another that can be used to compromise PCs running the newer Vista or Windows 7 operating systems, and a third that can be exploited through Internet Explorer 9 (IE9), Microsoft's eight-week-old browser.

At Hack in the Box, Kolsek intends to demonstrate exploits of DLL load hijacking bugs in Windows using malicious Word 2010 and PowerPoint 2010 documents, and against IE9.

The IE9 attack works even on Windows 7, where the browser runs in a "sandbox" of sorts, an anti-exploit technology designed to block hackers from infecting a PC. "[The attack works] against Internet Explorer 9 in protected mode on Windows 7 ... without any suspicious double-clicks or security warnings," Kolsek wrote on the Acros blog.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Unpatched DLL bugs let hackers exploit Windows 7 and IE9"https://www.voiceofgreyhat.com/2011/05/unpatched-dll-bugs-let-hackers-exploit.html</a>

Metasploit 3.7 Takes Aim at Apple iOS

The open source Metasploit vulnerability testing framework got a major overhaul this week with the release of Metasploit 3.7.
The Metasploit 3.7 release provides an enhanced session tracking backend that is intended to improve performance. Metasploit 3.7 also provides over 35 new exploit modules for security researchers to test, including new ones designed to test Apple's iOS mobile operating system security.
The Apple iOS Backup File Extraction module however is not an attack vector for directly exploiting iOS. Rather it is what is known as a post-exploitation module.
"The post-exploitation modules (post for short) are designed to run on systems that were compromised through another vector, whether its social engineering, a guessed password, or an unpatched vulnerability," HD Moore, Rapid7 chief security officer and Metasploit chief architect told InternetNews.com. "This module requires iTunes to be installed and for a backend to be accessible that has not been encrypted."

Apple's iOS was specifically targeted during this year's pw2own hacking challenge in which security researcher Charlie Miller was able to exploit the system. Apple has since patched the pw2own flaw.
"In large corporate environments, a single domain administrator login can yield access to hundreds of desktop systems, and the Metasploit Pro product makes it easy to scavenge these iTunes backup files from the entire network at once," Moore said.
Metasploit is a popular vulnerability testing frame and is available in Express, Pro and Open Source editions. The Metasploit 3.7 release follows the Metasploit 3.6 release, which came out in March and had a focus on compliance related issues.
With Metasploit 3.7, in addition to new exploit module, there is a focus on improving performance. The improvements to the session tracking system and the associated database in Metasploit 3.7, means that Metasploit is now faster.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Metasploit 3.7 Takes Aim at Apple iOS"https://www.voiceofgreyhat.com/2011/05/metasploit-37-takes-aim-at-apple-ios.html</a>

John the Ripper 1.7.7 is now available

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes

New Features of JtR version 1.7.7:

• Added Intel AVX and AMD XOP instruction sets support for bitslice DES (with C compiler intrinsics). New make targets: linux-x86-64-avx, linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recent versions of GCC and GNU binutils).
• A “dummy” “format” is now supported (plaintext passwords encoded in hexadecimal and prefixed with “$dummy$”) – for faster testing and tuning of custom wordlists, rule sets, .chr files, and external modes on already known or artificial passwords, as well as for testing of future and modified versions of John itself.
• Apache “$apr1$” MD5-based password hashes are now supported along with the FreeBSD-style MD5-based crypt(3) hashes that were supported previously. Hashes of both of these types may be loaded for cracking simultaneously.
• The “–salts” option threshold is now applied before removal of previously cracked hashes for consistent behavior with interrupted and continued sessions. (Suggested by magnum.)
  The “Idle = Y” setting (which is the default) is now ignored for OpenMP-enabled hash types when the actual number of threads is greater than 1. (Unfortunately, it did not work right at least with GNU libgomp on Linux.)
• When a cracking session terminates or is interrupted, John will now warn the user if the cracked passwords printed to the terminal while cracking are potentially incomplete. It will advise the user to use the “–show” option to see the complete set of cracked passwords with proper post-processing.
• When loading hashes specified on a line on their own (feature introduced in 1.7.6), the loader will now ignore leading and trailing whitespace.
• Unless a hash type is forced from the command line, the loader will now print warnings about additional hash types seen in the input files (beyond the hash type autodetected initially).
• For use primarily by the jumbo patch (and later by future enhancements to the official versions as well), the loader now includes logic to warn the user of ambiguous hash encodings (e.g. LM vs. NTLM vs. raw-MD5, all of which may be represented as 32 hexadecimal characters) and of excessive partial hash collisions, which it works around (these are typically caused by an incomplete implementation of a new hash type).
• The “unique” and “unshadow” programs have been made significantly faster.
• “DateTime”, “Repeats”, “Subsets”, “AtLeast1-Simple”, “AtLeast1-Generic”, and “Policy” external mode samples have been added to the default john.conf.
• The self-tests have been enhanced to detect more kinds of program bugs.
• A few minor bug fixes and enhancements were made.

This version has been sponsered by Rapid7.
Download John the Ripper v1.7.7 (john-1.7.7-jumbo-1.tar.gz/john-1.7.7-jumbo-1.tar.bz2) here.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">John the Ripper 1.7.7 is now available"https://www.voiceofgreyhat.com/2011/04/john-ripper-177-is-now-available.html</a>