Password Crackers and Related Utilities
The utilities described in the following sections are popular password
crackers or related utilities for use on Macintosh. Some are made
specifically to attack Mac-oriented files. Others are designed to
crack UNIX password files. This is not an exhaustive list, but rather
a sample of the more interesting tools freely available on the
Internet.
PassFinder
PassFinder is a password cracking utility used to crack the
administrator password on FirstClass systems. This is an important
utility. The program suite FirstClass is a gateway system, commonly
used for serving e-mail, UUCP, and even news (NNTP). In essence,
FirstClass (which can be found at
http://www.softarc.com/) is a total
solution for mail, news, and many other types of TCP/IP-based
communication systems. It is a popular system on the MacOS platform.
(It even has support for Gopher servers and FTP and can be used to
operate a full-fledged BBS.) Because FirstClass servers exist not only
on outbound Internet networks, but also on intranets, PassFinder is a
critical tool. By cracking the administrator password, a user can
seize control of the system's incoming and outgoing electronic
communications. (However, this must be done on the local machine. That
is, the user must have access to the console of the instant machine.
This is not a remote cracking utility.)
______________________________________________________________
Cross Reference: PassFinder is available at
http://www.yatho.com/weasel/files/PassFinder.sit.bin.
______________________________________________________________
______________________________________________________________
TIP: Apparently, FirstClass 2.7 does not provide a facility for
recording or logging IP addresses. (Reportedly, this simple hole
exists in earlier versions.) Therefore, an attack on such a server
can be performed in a fairly liberal fashion.
__________________________________