ษออออออออออออป บ [XiT] v2.0 บ (C) Copyright 1993, 1994 XCrypt Productions ศออออออออออออผ Written by Roche'Crypt / Feb.94 QUICK START อออออออออออ Ok, you have your 'passwd' and a dictionary files, right? From the DOS prompt, just type: XIT PASSWD MYDICT.TXT No need to say that you are to substitute PASSWD and MYDICT.TXT for the appropiate filenames you are going to use. XIT is a batch file that will do the following: - Extract all encrypted passwords from the passwd file, and save them on a temporary file. - Sort this file (to speed up the cracking process and take advantage of different passwords using the same salt). - Run the cracker program (XITx.EXE) - Create a STATUS and REPORT files, showing results and statistics of the session. This information will also be displayed on the screen. NOTES อออออ * XiT creates some temporary files. While these files are generally small, make sure there is enough space in your drive, i.e. don't run XiT on a floppy with only a few K free. No need to say that running XiT from a HD is highly reccomended. A disk cache will also help to improve speed, although there is no big deal of difference if you don't use any. XiT will get rid of those files before exiting the program. * To restore a previously aborted session, just write down the last word processed in the last session (which is also in the STATUS file) and use the option -S when calling XIT.BAT. If, for example, the last word processed was 'foobar', you would call XIT like: XIT passwd dictio -Sfoobar This will make XiT to skip all words in the dictionary until it finds 'foobar', and continue cracking from that point. Note there are NO spaces between the -S switch and the word. * XIT2.EXE is for 286 computers, and XIT3.EXE is for 386 or better. By default, XIT.BAT calls the 386 version. If you have a 286, edit XIT.BAT and change XIT3 to XIT2 in the line 19. WHAT'S NEW? อออออออออออ - Got rid of all the crappy, useless docs. If you still want them (they explain step by step what each module does and how), send me mail. - Added the SPACEBAR option to display status line. - Optimize the code for better speed. - Full C source code of the main executable file (XIT*.EXE) released And that's all. If you happen to know how to create a global/static table of more than 64k using Borland C 3.1, and know how to contact me, I would appreciate you let me know. That's all I need to speed up XiT to incredible limits! Hmm... I've gotta get my hands on that GNU compiler. WHY ANOTHER PASSWORD CRACKER? อออออออออออออออออออออออออออออ I wrote this program for just one reason: as a small programming challenge and study of the UNIX crypt(3) function. By releasing full source code of the main module (xit.exe), I expect that others will learn (some will laught), study the code, play with it, critizise, and maybe improve it. I'm not really releasing XiT for sysadms to test the security of their systems, although they can do so if they want. And I am not releasing my work for other people to crack passwords with obscure purposes in mind neither. Being an encryption worshipper, I respect both, the rights to access free information, and the rights for privacy. However, I know that some people will use it to crack password files. This is something that can't be avoided (these losers trying to crack some poor user's account are truly pathetic, anyway). But since there are similar public domain programs out there already doing this (and they have been for years), I know I'm not jeopardizing any system or account by releasing XiT. COMPILING THIS ออออออออออออออ Use Compact memory model. Compile and link XIT.C & CRYPT.C, with XIT.C as the main module. That's it. I used Borland C/C++ 3.1 to compile it, and there should be no problems there. Minor changes might be neccesary for other compilers. DISCLAIMER ออออออออออ I expect you to use this program wisely, and for honest purposes only. If you mess up with other people's accounts and get in trouble, don't blame me. You asked for it. Next time be more mature and use your time in more productive ways. Fortunately, nowadays more and more sysadms are using shadowed passwd files. Leaving the passwd file out there for everyone to see is like asking "Crack me, please!" and speaks by itself about the sysadms of that particular site. If XiT burns out your computer, erases your hard drive or installs Windows in it, again, don't blame me. Anytime you run XiT or any of its modules, you assume all the responsibility of whatever might happen. Any results from manipulating the code and recompiling it are your absolute responsibility as well. All XiT modules, documentation and source code are copyright under the US and international laws. You are welcome to modify the code, send comments, try to improve it, post public and private notes about it (with or without source) and release your own versions (under a different name of course) but you MUST CLEARLY include credits where applicable in both, the program and the documentation (if you release your code, include it there as well), stating that the original code was obtained from XiT 2.0 (c) copyright 1993,1994 XCrypt Productions, and written by Roche'Crypt. And blah blah blah... HOW TO CONTACT THE AUTHOR อออออออออออออออออออออออออ I remain anonymous to the general public because I have decided to do so. Period! If you want to send comments, post them in alt.2600, with the word XiT in the subject. I read the group on a weekly basis, and even you probably won't know who I really am, you migth as well be talking to me already. I might as well answer people's questions throught third parties using anonymous services and such. If you have something to say about XiT, post it in alt.2600 and it will get to me. Roche'Crypt