Proactive Password Auditor™ (PPA™) is a password
security test tool designed to let administrators of Windows NT, Windows 2000,
Windows XP, Windows Server 2003 and Windows Server 2008-based systems
identify and close security holes in their networks.
Password hacking is one of the most critical and commonly exploited network
security threats. Too often, users like to use simple and easy-to-remember
passwords such as repeating characters, simple words, and names. In
addition, some network administrators forget to purge terminated employees
from the system, force people to change passwords often, or lock out users
after a number of failed attempts.
Proactive Password Auditor™ helps secure networks by executing
an audit of account passwords, and exposing insecure account passwords.
If it is possible to recover the password within a reasonable time, the
password is considered insecure.
An administrator can also use it to recover any lost password and access a
user's Windows® account. Proactive Windows Password Auditor™ works
by analyzing user password hashes and recovering plain-text passwords.
The software supports a few different methods of obtaining password hashes
for further attack/audit: from dump files (generated by third-party tools like
pwdump/pwdump2/pwdump3), the Registry of the local computer, binary Registry
files (SAM and SYSTEM), memory of the local computer, and memory of remote
computers (Domain Controllers), including ones running Active Directory.
It can run brute-force and dictionary attacks on LM and NTLM password hashes,
both effectively optimized for speed.
The product also features a so-called "rainbow" attack, which uses
pre-computed hash tables that make it possible to find most passwords in
minutes instead of days or weeks.