u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h

Please click our sponsor

Windows NT Penetration Tools

UnSecure.zip UnSecure NT password vulnerability tester.

Unsnodic.zip UnSecure executable only.

asmodeus.hacking.util.ex_ Asmodeus Network Security Scanner for NT 4.0

c2myazz.logon.downgrade.attack.zip Logon "downgrade" attack to force a plaintext password.

c2myazz.zip See above.

crash4.zip Crash4, run before GetAdmin if the GetAdmin Hot Fix is loaded.

dictionary.maker.zip Dictionary file maker for password cracking.

downgrade.exe Fake SMB server that tries a dialect downgrade to get plaintext passwords from remote users. For Windows NT. By Arne Vidstrom.

downgrade_faq.html FAQ for downgrade.exe

get-local-admin.txt how to get local admin in a nt

getadmin.zip Add the user you specify to Administrators group.

haktek.network.tool.zip HakTek network tool kit.

netmonex.tgz Breaks the NT password scheme for Microsoft's Network Monitor. UNIX and NT versions included.

netools.zip NT net tools.

no-where.utils.various.zip The Nowhere Utilities.

nt-sechole2.zip Exploit code to get local admin access on ALL version of NT, including 5.0 Beta X. The zip file includes sechole.exe and admindll.dll. Make sure to read get-local-admin.txt. Fix information is included.

nt4all-101.zip NT4ALL v1.01 - The NT4ALL tool lets any user log into an NT machine with any password. Every user that has WRITE access to the \WINNT\SYSTEM32 directory can use this tool (even GUEST user). Now works on NT4+SP4. 78k. By 9

nt4all.zip NT4ALL ver 1.0 - The NT4ALL tool lets any user log into an NT machine with any password. Every user that has WRITE access to the \WINNT\SYSTEM32 directory can use this tool (even GUEST user). By 9.

ntexploits.zip NT exploits.

ntfaq2.tgz Version 2 of the NT Hack FAQ (HTML)

ntfaq2.zip Version 2 of the NT Hack FAQ (text)

ntfs130.zip Boot from DOS and access an NTFS file system.

ntfs20r.zip Boot from DOS and access an NTFS file system.

ntfsdos.access.ntfs.dir.with.no.restrictionszip.zip Boot from DOS and access an NTFS file system.

ntfsdos.zip Get access to NTFS partitions from OSs that use FAT. Format a floppy disk with the /s option (copy system files), copy ntfsdos.exe (and the helpf file ntfshlp.vxd if you want) then boot the NT box with it. Gain full read access to everything on NTFS partitions. Go for the SAM in the winnt\system32\config directory.

nttools.zip Comprehensive NT Tool Kit.

polkill.zip Policy Killer v2.0 - Kill network policies. By Esoteric.

sechole2.zip Sechole.exe exploits a hole that grants a non-admin user debug-level access on a system service - from here local Admin rights are gained. This is purported to work on NT 3.51, NT 4.0 and the beta release of NT 5.0.

sid.zip Evgenii Rudnyi's user2sid and sid2user programs.

windows.nt.shredder.by.neonsurge.doc NT shredder, by NeonSurge.

xenocides.hacking.utils.various.zip Xenocide's NT hacking utilities.

Windows NT Penetration Tools
UnSecure.zip	UnSecure NT password vulnerability tester.
Unsnodic.zip	UnSecure executable only.
asmodeus.hacking.util.ex_	Asmodeus Network Security Scanner for NT 4.0
c2myazz.logon.downgrade.attack.zip	Logon "downgrade" attack to force a plaintext password.
c2myazz.zip	See above.
crash4.zip	Crash4, run before GetAdmin if the GetAdmin Hot Fix is loaded.
dictionary.maker.zip	Dictionary file maker for password cracking.
downgrade.exe	Fake SMB server that tries a dialect downgrade to get plaintext passwords from remote users. For Windows NT. By Arne Vidstrom.
downgrade_faq.html	FAQ for downgrade.exe
get-local-admin.txt	how to get local admin in a nt
getadmin.zip	Add the user you specify to Administrators group.
haktek.network.tool.zip	HakTek network tool kit.
netmonex.tgz	Breaks the NT password scheme for Microsoft's Network Monitor. UNIX and NT versions included.
netools.zip	NT net tools.
no-where.utils.various.zip	The Nowhere Utilities.
nt-sechole2.zip	Exploit code to get local admin access on ALL version of NT, including 5.0 Beta X. The zip file includes sechole.exe and admindll.dll. Make sure to read get-local-admin.txt. Fix information is included.
nt4all-101.zip	NT4ALL v1.01 - The NT4ALL tool lets any user log into an NT machine with any password. Every user that has WRITE access to the \WINNT\SYSTEM32 directory can use this tool (even GUEST user). Now works on NT4+SP4. 78k. By 9
nt4all.zip	NT4ALL ver 1.0 - The NT4ALL tool lets any user log into an NT machine with any password. Every user that has WRITE access to the \WINNT\SYSTEM32 directory can use this tool (even GUEST user). By 9.
ntexploits.zip	NT exploits.
ntfaq2.tgz	Version 2 of the NT Hack FAQ (HTML)
ntfaq2.zip	Version 2 of the NT Hack FAQ (text)
ntfs130.zip	Boot from DOS and access an NTFS file system.
ntfs20r.zip	Boot from DOS and access an NTFS file system.
ntfsdos.access.ntfs.dir.with.no.restrictionszip.zip	Boot from DOS and access an NTFS file system.
ntfsdos.zip	Get access to NTFS partitions from OSs that use FAT. Format a floppy disk with the /s option (copy system files), copy ntfsdos.exe (and the helpf file ntfshlp.vxd if you want) then boot the NT box with it. Gain full read access to everything on NTFS partitions. Go for the SAM in the winnt\system32\config directory.
nttools.zip	Comprehensive NT Tool Kit.
polkill.zip	Policy Killer v2.0 - Kill network policies. By Esoteric.
sechole2.zip	Sechole.exe exploits a hole that grants a non-admin user debug-level access on a system service - from here local Admin rights are gained. This is purported to work on NT 3.51, NT 4.0 and the beta release of NT 5.0.
sid.zip	Evgenii Rudnyi's user2sid and sid2user programs.
windows.nt.shredder.by.neonsurge.doc	NT shredder, by NeonSurge.
xenocides.hacking.utils.various.zip	Xenocide's NT hacking utilities.