THC Releases

Keyfinder analyses files for public/private keys, encrypted or compressed data. It identified such areas by measuring the entropy, arithemtical mean and counter checking, and dumps appropriate file sections.

Brute force program against pptp vpn endpoints (tcp port 1723). Fully standalone. Supports latest MSChapV2 authentication. Tested against Windows and Cisco gateways. Exploits a weakness in Microsoft's anti-brute force implementation which makes it possible to try 300 passwords the second.

Yaotp (Yet Another One-Time Pad) is a small tool that implements the one-time pad cipher for en- and decryption of messages. It features real random number generation by audio sampling and hashing, key management that enforces one-time usage and irreproducible key destruction. It is the right choice for the totally paranoid geek and high-security issues beyond any imagination.

Search data on a harddisk/partition/file, extract the part you are interested in, and write it back after you modified it. Useful to find and modify really all unencrypted Logfiles on a system. Does everything in RAW mode, and hence does not tamper a/m/ctimes.

The THC LEAP Cracker Tool suite contains tools to break the NTChallengeResponse encryption technique e.g. used by Cisco Wireless LEAP Authentication. Also tools for spoofing challenge-packets from Access Points are included, so you are able to perform dictionary attacks against all users.

THC-vlogger, an advanced linux kernel based keylogger, enables the capability to log keystrokes of all administrator/user's sessions via console, serial and remote sessions (telnet, ssh), switching logging mode by using magic password, stealthily sending logged data to centralized remote server. Its smart mode can automatically detect password prompts to log only sensitive user and password information.

This is the best secure data deletion toolkit! If you overwrite a file for 10+ times, it can still be recovered. Read why and use the programs included (w/src!). These tools can wipe files, free disk space, swap and memory! Changes: Linux LKM for secure file deletion included, small bufixes.

This little tool generates fuzzy fingerprints as described in the corresponding paper. It is an ideal extension to man-in-the-middle attacks against the SSH service. The current version supports RSA and DSA key generation and MD5 and SHA1 fingerprints.

Vmap stands for version mapper. It allows you to find out the version of a daemon by fingerprinting the features and replys of bogus commands. It's a great addition to the other *map tools.

Grenzgaenger is a Socks-based tool for tunneling nmap, netcat and exploits transparently through systems into protected networks. This tool is in ALPHA state!

THC-Shagg is an application to bruteforce check digit algorithms. It analyses a given list of serial numbers and tries to find a matching algorithm and its setup. If such a setup is found, THC-Shagg is able to generate (extrapolate) new serial numbers, e.g. VISA and MasterCard credit card numbers, EAN numbers, IMEI, UPC or even EFT routing numbers.

Long, long time ago, we released a tool called Login Hacker, for penetrating dialup modems. Today we are releasing a similar and easier tool for Linux which does the same job better. All you need is UNIX and minicom. Have fun with this little release!

THC-RUT (aRe yoU There, pronouced as root) is your first knife on foreign network. It gathers informations from local and remote networks. It offers a wide range of network discovery tools: arp lookup on an IP range, spoofed DHCP request, RARP, BOOTP, ICMP-ping, ICMP address mask request, OS fingerprintings, high-speed host discovery, ... The tool is capable of discovering a Class B network within 10 minutes.

Flood Connect is a connection flooding tool which supports SSL, sending + dumping data, closing or keeping sessions etc. Just a small release. Have fun.

THC-Parasite v1.2 allows you to sniff on switched networks by performing ARP man-in-the-middle spoofing. Selective targets, DOS and various other features present. Changes: Now running on Solaris and OpenBSD as well! :-)

IPF is the first command line tool for configuring the packet filter of Windows NT4 and Window 2000 systems. It replaces the annoying GUI alternatives and can be used as an elegant entry for writing advanced firewall scripts under the Windows system.