On Monday 12 March 2007 17:06, you wrote: > > * Package name : sucrack > > Version : 1.1 > > Upstream Author : Nico Leidecker <[EMAIL PROTECTED]> > > * URL : http://www.leidecker.info/ > > * License : GPL > > Programming Lang: C > > Description : multithreaded su bruteforcer > > > > sucrack is a multithreaded Linux/UNIX tool for cracking local user > > accounts via wordlist bruteforcing su > > What advantages does this tool have over John the Ripper (Debian package > "john")?
John actually requires you have access to the hashed / encrypted passwords. Since sucrack drives a console tool (by default su) it can be used in places where John can't - for example auditing SSH key phrases, or where the penetration tester is attempting to escalate privileges on an already compromised system. Tim -- Tim Brown <mailto:[EMAIL PROTECTED]> <http://www.nth-dimension.org.uk/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
