Two new hacker tools were released upon the public recently that could possibly allow unscrupulous individuals to scan secure traffic between Microsoft's Windows NT servers and even take control of a user's Windows 95 or Windows 98 system.
The hacking tools were revealed at the recent Black Hat Briefings conference held in Las Vegas.
Back Orifice, a play on the name of Microsoft's Back Office suite of applications, is intended to allow remote users to gain complete access to Windows 95 or Windows 98 systems over the Internet. The program was created by a hacker group called The Cult of the Dead Cow. The program is only 120KB of data that can be sent to a victim's computer through e-mail attachments or downloaded in some other way. Once activated, a user may not even know their system is no longer under their complete control, according to the group.
Another hacker tool, released by the L0pht hacker group, allows anyone to grab PPTP authentication packets from a network.
The sniffer program operates on a Sun Solaris machine and produces the challenge and password hashes for the L0phtcrack cracking program, which operates on an NT machine. PPTP is commonly used by NT machines to create secure transmissions between the machines and remote clients using the protocol.
The group was also expected to release L0phtcrack 2.5 imminently. L0pht says that, when released, L0phtcrack 2.5 will be five times faster than the previous version for doing brute-force password cracking.