Tool to crack Base64 passwords - could not find anything similar on the Internet. Download Tool: http://www.securityassoc.com/base64_crack.zip MD5 Hash: D905C844168D4D2D1755C1393E18CC96 Below from Readme.txt file: Base64 Encoding --------------- While pen testing and looking around for something to crack a Base64 encoded password I could not find much in the way of a simple script, so I decided to right a Perl script myself... Many weak security mechanisms rely on base64 encoding scheme. IIS server is one such example, from the below example we see IIS Basic authenication in action on a GET request: GET / HTTP/1.1 Host: iis-server Authorization: Basic dGVzdDpwYXNzd29yZA== The authorization tag is encoded in Base64 and when feed into the decode script is cracked as shown below: perl decode_base64.pl dGVzdDpwYXNzd29yZA== Author: The Singapore Dragon - dragonat_private Web: www.securityassoc.com Usage decode_base64.pl [encoded-text] The decoded data is: test:password There is also another script provided to encode data (encode_base64.pl). Enjoy and please send comments... The Singapore Dragon dragonat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Nov 11 2002 - 19:23:23 PST