_______________________________________________________________________________ Nomad Mobile Research Centre A N N O U N C E M E N T www.nmrc.org Simple Nomad [thegnome@nmrc.org] 19Nov1999 _______________________________________________________________________________ Product : Pandora v4.0 Beta 2 Platform : Windows 95/98/NT X on Linux Jitsu-Disk has been very, very busy..... Pandora v4.0 beta software has been updated. The new Pandora v4.0 *Beta 2* software is now available. It still has the "point, click, and attack" GUI interface, it still runs under Windows 95/98/NT or Linux with X, it still is the full metal jacket ninja kungfu action software for hacking Netware you've grown to love. Still compiled with 100% freeware compilers using freeware libraries with no big corporation SDK assistance, still the same GUI in Windows or Linux. The GUI interface contains these features: * Offline and Online components. Offline for cracking passwords offline, and Online for direct server attacks. * Improved MGUI interface. Offline includes: * Password cracking of Netware 4.x and 5.x passwords. * Reads native NDS files -- as well as maintenance files such as BACKUP.DS, BACKUP.NDS, and DSREPAIR.DIB -- and extracts password hashes for cracking. * Reads Netware 4.x and 5.x versions of NDS, BACKUP.DS, and DSREPAIR.DIB. * Multiple accounts can be brute forced and dictionary cracked simultaneously. * Preset and user-definable keyspace for brute forcing. * On screen sorting of account listings for easy viewing. * Built-in NDS browser to look at all NDS objects. * Remote Console Decryption using The Ruiner's decryption algorithm. * Fully optimized for Pentium processors for maximum carnage. * Bug fixes from Beta 1. Online includes: * Attach to servers using only the password hash (if you do not wish to crack them). * Dictionary attacks against NDS objects that detect if Intruder Detection was triggered. * Browse for target servers and gather connection info for spoofing attacks. * GameOver spoofing attack against servers not using Level 3 packet signature. * Improved Level3-1 attack which no longer requires using a sniffer to find elusive data for Admin session hijacking, just add in the Admin's MAC address and we do the rest. * "Sniff-n-Grab" files being downloaded from the Netware server by unsuspecting users. * Several nasty Denial of Service attacks. * Improved packet drivers from Beta 1. * Numerous bug fixes. * Actual working code to attack from Linux. Requires an IPX-aware kernel and root access. Full source code included in case you don't trust our binaries, and for adding your own code. Windows software is available now and appears to be stable. Linux software is posted and works, but may be updated somewhat frequently over the next few days. The Online code for Linux is working but YMMV. Check out binaries, code, doco, rants, and more at http://www.nmrc.org/pandora/ _______________________________________________________________________________