|
New in Proactive Windows Security Explorer (PWSEX) version 1.10 (versus version 1.0):
- preliminary attack:
- passwords equal to user names
- cached passwords (HelpAssistant, VUSR_*, IIS_* etc)
- autologon password
- password saved in WinLogon process memory
- simple dictionary and bruteforce attacks
- show disabled and locked accounts
- attack by multiple dictionaries
- show additional information about active attack
- an ability to clear log window
- an ability to remove users from list
- faster and more reliable dump from local computer memory
- an ability to select all users with recovered NTLM passwords
- fixed: checking for Administrator privileges
- fixed: resuming brute-force attacks with non-US chars in staring password
- fixed: correct error message when trying to dump from locked SAM/SYSTEM files
- fixed: missing tooltips for toolbar buttons
- fixed: entering registration code through the nag screen
Proactive Windows Security Explorer (PWSEX) is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and Windows Server 2003-based systems administrators to identify and close security holes in their networks. Proactive Windows Security Explorer helps secure networks by executing an audit of account passwords, and exposing insecure account passwords. If it is possible to recover the password within a reasonable time, the password is considered insecure. The software supports a few different methods of obtaining password hashes for further attack/audit: from dump files (generated by 3rd party tools like pwdump/pwdump2/pwdump3), Registry of local computer, binary Registry files (SAM and SYSTEM), memory of local computer, and memory of remote computers (Domain Controllers), including ones running Active Directory. It can use brute-force and dictionary attacks on LM and NTLM password hashes, effectively optimized for speed. |
|
