Hash Suite is a very efficient auditing tool for Windows password hashes (LM, NTLM, and Domain Cached Credentials, also known as DCC or MSCash). It is very fast, yet it has modest memory requirements even when attacking a million hashes at once. The GUI is simple, yet uses modern features offered by Windows 7. Besides the password security auditing program itself, there’s an included reports engine that generates reports in multiple formats.
Regardless of the activities for which you are using a computer, sooner or later you need to create a password to keep your data safe. Most importantly, one of the most commonly encountered security gates is before your computer reaches the desktop, where user credentials need to be provided. To test password strength, applications such as Hash Suite let you import credentials for several account types and then attempt to crack each password from its hash.
Storing user passwords in the plain text naturally results in an instant compromise of all passwords if the password file is compromised. To reduce this danger, Windows applies a cryptographic hash function, which transforms each password into a hash, and stores this hash. This hash function is one-way in the sense that it is infeasible to infer a password back from its hash, except via the trial and error approach described below. To authenticate a user, the password presented by the user is hashed and compared with the stored hash.
Hash Suite, like all other password hash crackers, does not try to “invert” the hash to obtain the password (which might be impossible). It follows the same procedure used by authentication: it generates different candidate passwords (keys), hashes them and compares the computed hashes with the stored hashes. This approach works because users generally select passwords that are easy to remember, and as a side-effect, these passwords are typically easy to crack. Another reason why this approach is so very effective is that Windows uses password hash functions that are very fast to compute, especially in an attack (for each given candidate password). More information about password cracking can be found here.
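The hash-and-compare check described above, together with one audit finding that fast, unsalted hashes expose and a salted, slow scheme does not, as an added example that is not Hash Suite code. SHA-256 stands in for NTLM's MD4 (an assumption, because MD4 is often disabled in current OpenSSL builds), and the accounts and passwords are constructed sample data.

```python
import hashlib
import hmac
import os
from collections import defaultdict


def fast_unsalted(password: str) -> bytes:
    # Stand-in for a fast, unsalted hash of the NTLM kind (NTLM itself is
    # MD4 over the UTF-16LE password). SHA-256 is an assumption made here.
    return hashlib.sha256(password.encode("utf-16-le")).digest()


def slow_salted(password: str, salt: bytes, iterations: int = 100_000) -> bytes:
    # Salted, deliberately slow derivation (PBKDF2-HMAC-SHA256).
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def enroll_salted(password: str) -> tuple[bytes, bytes]:
    salt = os.urandom(16)  # fresh random salt per account
    return salt, slow_salted(password, salt)


def verify_fast(stored: bytes, attempt: str) -> bool:
    # Authentication: hash the presented password, compare with the stored hash.
    return hmac.compare_digest(stored, fast_unsalted(attempt))


def verify_salted(record: tuple[bytes, bytes], attempt: str) -> bool:
    salt, digest = record
    return hmac.compare_digest(digest, slow_salted(attempt, salt))


def shared_hash_groups(db: dict[str, bytes]) -> list[list[str]]:
    # Audit finding: accounts whose stored hashes are identical share a
    # password, visible from the hash store alone when no salt is used.
    groups = defaultdict(list)
    for account, digest in db.items():
        groups[digest].append(account)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


# Constructed sample accounts (not real credentials).
SAMPLE = {"alice": "Summer2024!", "bob": "Summer2024!", "carol": "t7#Vq-mulberry-Lamp"}
FAST_DB = {user: fast_unsalted(pw) for user, pw in SAMPLE.items()}
SALTED_DB = {user: enroll_salted(pw) for user, pw in SAMPLE.items()}

if __name__ == "__main__":
    print("unsalted:", shared_hash_groups(FAST_DB))
    print("salted:  ", shared_hash_groups({u: d for u, (_, d) in SALTED_DB.items()}))
```

With the unsalted store, alice and bob are grouped together; with per-account salts the same two passwords produce unrelated digests, and each guess costs 100,000 hash iterations instead of one.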
Hash Suite Key-Providers
Hash Suite offers a number of different ways (named key-providers) to generate candidate passwords (which are sometimes referred to as keys):
- Charset: Generates keys trying all combinations of a given charset. Also called brute-force.
- Wordlist: Generates keys taking them from a dictionary. Very successful and requires low resources.
- Keyboard: Generates keys trying combinations of adjacent keys on a keyboard.
- Phrases: Generates phrases combining words from a wordlist. Useful to try long passwords.
- DB Info: Generates keys taking all usernames/found passwords. Useful with rules enabled.
- LM2NT: Alters the case of characters in cracked LM hash passwords to instantly crack the corresponding NTLM hash passwords.
Test accounts for multiple machines
An important advantage is the office-suite-like interface, which quickly gets you up and running thanks to the well-organized upper toolbar and intuitive icons. The rest of the space is a list of imported items, displaying username, hash and clear text.
Right from the start, you are prompted by a wizard that offers several hints of what is to come. Account credentials can be fetched from the local machine, a local area network, pwdump or cachedump file. For security reasons, administrator privileges are required so that the correct details can be gathered.
Various password types to check
Depending on the analysis you need, the application is able to narrow down search results and only provide passwords of the LM, NTLM or DCC format, with additional options letting you choose the key provider, which can be charset, wordlist, keyboard, phrases, DB info, as well as LM2NT.
Multiple test cases to run
What’s more, a dedicated section gives you the possibility to specify the rules by which a virtual attack targets the imported data. You can quickly select both common and less common methods for enhanced results, but it can take some time. Various character combinations can be selected from the available fields, since password policies might require upper case letters, numbers or special characters.
Force change of weak passwords
Furthermore, depending on the gathered result, additional tools let you force specific users to have their passwords changed, if cracking was no problem for the application, or completely disable an account. What’s more, you can test out new passwords with the help of a hash calculator that provides the result in LM and NTLM, with the possibility to export data.
Taking everything into consideration, we can say that Hash Suite can definitely come in handy, especially in environments that keep highly important data on hard disk drives. Algorithms used to attempt to crack your password might take some time, but in the end, a little patience might keep your personal data or job safe.
What is the Hash List?
We turn child sexual abuse images into unique codes (hashes) – think of it as a digital fingerprint. We do this using Microsoft PhotoDNA. With our list, you’ll be able to automatically match known images before they appear on your services. You’ll also be able to remove illegal images already on your services. You’ll receive an updated list every day.
Why do I need it?
If people can upload, download, view or host images on your services, you probably need our Image Hash List.
You’ll be able to stop:
- the upload of a child sexual abuse image on your system
- the sharing of an image through your services
- the use of your hosting services by a child sexual abuse website.
So using our Image Hash List will:
- make your network safer
- protect your customers
- save your employees time and distress
- protect the victims from repeat victimization.
How does it work?
We’ve teamed up with Microsoft to make it easy for companies to use our Image Hash List, with a cloud-based automated system. It’s impossible for most companies to manually scan every image that’s uploaded onto their platforms. The IWF Image Hash List does this for you in the background – without affecting your users’ experience.
It means you can compare anything from a single image to the millions of images uploaded through your platforms daily. The Image Hash list can flag illegal images already in your systems and prevent new ones being uploaded.
Corporate Vice President, Microsoft EMEA, Michel Van Der Bel says: “The impact of IWF’s work has been profound. They have made great progress, but there is more to be done. This is a journey. Microsoft was delighted to be able to employ the technology of our cloud based service to support IWF’s Image Hash List. It’s great to work and we are very happy to be involved.”
IWF Deputy CEO, Fred Langford says: “The collaboration with Microsoft and our access to the police database makes this development unparalleled globally. For us, this development could revolutionize the way we work and give peace of mind to the thousands of children, whose images have been shared again and again. We currently have more than 200,000 unique hashes on the list but we’re looking at potentially millions.”
Enhanced quality checks
Two of our expert analysts check each child sexual abuse image. These enhanced quality checks mean each image is categorised accurately before it reaches your systems. International companies trust the IWF Hash List and use it with legal confidence. We add thousands of images every week.
You can download the list via an API, avoiding the need for additional, external hardware – making access to our list even more secure.
Our image hashes are categorized for international use. So whether your services focus on a single country or a multi-national platform, we tailor the list to what you need.
Better than traditional hashes
We help you keep up with the criminals. Unlike traditional hashing technology, an image can be resized, cropped or colors changed and our hashes will still find a match to the original image.
How do we find illegal images?
The images on our List come from:
- public reports
- our analysts actively searching for them – we’re the only hotline doing this
- the UK Home Office’s Child Abuse Image Database (including images that aren’t yet online).
Who can use it?
IWF Members can use the IWF Image Hash List under licence. Companies that will benefit include:
- filtering providers
- hosting or file sharing services
- social media and chat services
- data centres.
Two versions available
We provide both PhotoDNA and MD5 versions of the hashes.
- Fast: We offer a program with very high performance.
- Simple and modern: We use a simple GUI with features offered by modern Windows (fig 1).
- Smart: Reports with statistics, easy download of quality wordlists, easily fix weak passwords.
- Powerful: All common features of modern crackers and many unique to Hash Suite.
- Scalable: Works fast even with a huge number of hashes.
How To Install?
1: Click on Download Button.
2: The software downloads automatically.
3: Open Download File.
4: Click on Install.
5: Follow The Instructions.
6: Thanks For Downloading.