THC Releases

CUPASS uses techniques to guess the password of ANY user on a WindowsNT/W2K server or domain. CUPASS uses a flaw in the implementation of Microsofts NetUserChangePassword API to guess/change the users password. This release is the proof of concept code for the THC paper "CUPASS and the NetUserChangePassword Problem"

Long, long time ago, we released a tool called Login Hacker, for penetrating dialup modems. Today we are releasing a similar and easier tool for Linux which does the same job better. All you need is UNIX and minicom. Have fun with this little release!

Flood Connect is a connection flooding tool which supports SSL, sending + dumping data, closing or keeping sessions etc. Just a small release. Have fun.

This little tool generates fuzzy fingerprints as described in the corresponding paper. It is an ideal extension to man-in-the-middle attacks against the SSH service. The current version supports RSA and DSA key generation and MD5 and SHA1 fingerprints.

General Dialer is an oldschool blueboxing tool which is able to use 5-frequency-trunks with volume ramp and scale support for each frequency entry. Additional features include: C4, C5, C6, f/b R2, DTMF dialing and a a mini-scanner for PBX- and VMB-systems. The original version has been released in 1995.

Small program to filter out important accounts from large unix passwd files.

Grenzgaenger is a Socks-based tool for tunneling nmap, netcat and exploits transparently through systems into protected networks. This tool is in ALPHA state!

HappyBrowser can be used by every person who wants to check an NT-Server/Webserver for known vulnerabilities, without the need of having deep security knowhow. "Securing while surfing" is the motto.

THC-Hydra - the best parallized login hacker: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus. Visit the project web site to download Win32, Palm and ARM binaries. Changes in 5.4: Several speed improvements, bug fixes and a few enhancements! NOTE: We need people to rewrite modules - please contact vh(at)thc(dot)org

IPF is the first command line tool for configuring the packet filter of Windows NT4 and Window 2000 systems. It replaces the annoying GUI alternatives and can be used as an elegant entry for writing advanced firewall scripts under the Windows system.

THC is proud to be the first who are releasing an comprehensive attack toolkit for the IPv6 protocol suite. It comprises of state-of-the-art tools for alive scanning, man-in-the-middle attacks, denial-of-service etc. which exploits inherent vulnerabilities in IPv6. Included is a fast and easy to use packet crafting library to create your own attack tools.

Keyfinder analyses files for public/private keys, encrypted or compressed data. It identified such areas by measuring the entropy, arithemtical mean and counter checking, and dumps appropriate file sections.

The THC LEAP Cracker Tool suite contains tools to break the NTChallengeResponse encryption technique e.g. used by Cisco Wireless LEAP Authentication. Also tools for spoofing challenge-packets from Access Points are included, so you are able to perform dictionary attacks against all users.

Powerfull script language to hack terminal logins via dictionary- or bruteforce-hacking. Configurable for telnet and dialup hacking, extreme large command base.

Search data on a harddisk/partition/file, extract the part you are interested in, and write it back after you modified it. Useful to find and modify really all unencrypted Logfiles on a system. Does everything in RAW mode, and hence does not tamper a/m/ctimes.

THC-Orakel is a tool suite for analysis of the database authentication mechanism used in Oracle products. Provided are utilities for sniffing and breaking authentication password on the wire within seconds.