===================================================================== Windows Password Recovery * Version History * ===================================================================== https://www.passcape.com info@passcape.com ===================================================================== [+] new feature, improvements [*] modification [!] error or bug fix Version 15.3.2 [*] Some AV false positives workaround. Version 15.3.1 [!] A protection issue. Sometimes the program might unexpectedly close after trying to launch it. Version 15.3.0 [+] Credentials Manager Decryptor is a new tool to decrypt private data stored in Windows Credentials Manager. [+] New speed benchmarks. [*] Security issues. Version 15.2.1 [!] There was a bug in DCC2 password recovery hash using a GPU. On some hashes/users the program was unable to find a password. [!] Super rules in a Hybrid dictionary attack were working incorrectly. Version 15.2.0 [+] Support for some new GPUs. [*] Update for Brazilian language interface. [!] Several issues decrypting TPM-protected data have been fixed. This version now allows decrypting data encrypted with TPM (for example, DPAPI blobs or Windows Hello passwords) on the original and properly loaded PC or laptop. [!] The issue with passwordless decryption of DPAPI data has been resolved by improving Windows Hello biometrics usage. [!] A certain configuration of the GPU hybrid dictionary attack, along with a vast set of rules, was causing the program to stick for a couple of minutes after starting the attack. This version has a fix for the problem. [!] A fix for the error monitoring temperature/utilization/fan on some machines with AMD devices. [!] Some GUI issues in visual mask builder. Version 15.1.0 [+] Support for Nvidia GeForce RTX 4xxx GPUs. [*] Update for Chinese user interface. [!] Some minor bugs. Version 15.0.0 [+] DPAPI decryption module has got a significant update. Now it has a full-scale support for Microsoft and Azure AD accounts, works with passwordless accounts, includes some improvements in ARSO submodule (one that allows to decrypt data without user password or PIN). [+] A full-scale support for Azure AD accounts. When setting up a work or a school account and joining to Azure Active Directory, all security properties of the newly created account are not saved to the local SAM database but to the CloudAPCache instead. Thus extracting hashes from local cloud cache is the only way to decrypt passwords for the Azure AD accounts. [+] Support for new CLOUD password types. CLOUD passwords are one stored in cloud cache of the local PC that belong to either Microsoft or Azure AD accounts. [+] The master key analysis tool got a couple of new features to check out PIN and password-less decryption. [+] The CREDHIST analysis tool also supports for Microsoft and Azure AD accounts, both password and PIN recovery. [+] The Vault Explorer also supports Windows Hello (data decryption using PIN or biometric information). [+] The new version can be used to decipher Windows CloudAPCache security information such as primary refresh tokens, etc. [+] A new import option to load Hashcat/Elcomsoft/JtR dump files with Windows Hello PINs. [*] Better support for high-resolution DPI monitors. [*] Some minor improvements in Windows Hello module. [*] The Hash Import Wizard has got some improvements as well. [*] New 'Password types' report. Some minor fixes processing password reports. [!] A error enumerating biometric databases using offline registry files. [!] A error bypassing some found DCC and PIN passwords when setting multiple masks in a GPU mask attack. [!] The Hash Import Wizard improperly loaded some PIN hashes from an external Windows directory. Version 14.3.0 [+] Preliminary support for Windows 11. [*] Some minor improvements in Windows Hello and hash import modules. [!] A bug-fix for incorrect reading of the project files. Sometimes, the program was unable to load the projects edited or created with the latest version of the program. [!] Passwords with international characters were not processing correctly when sending email notifications. Version 14.2.0 [+] Event notifications. [*] Update for French and Russian interfaces. [*] Significant improvement of the hash reading algorithms: - More plaintext passwords are decrypted right away; - Enhanced hash extraction of the local accounts; - The Hash Import Wizard supports for domain cached credentials and Windows PINs now, and much more improvements. [*] When loading hashes from binary files, the program now can instantly decrypt passwords of the last logged on user for the following browsers: 7Star, Amigo, Brave, Centbrowser, Chedot, Canary, Chromium, Coccoc, Comodo Dragon, Elements, Google Chrome, Kometa, Microsoft Edge, Opera, Orbitum, QQ Browser, Sputnik, Torch, UC Browser, Uran, Vivaldi. In certain cases, that helps to decrypt some logon passwords almost instantly regardless of the password complexity. Version 14.1.1 [!] Some GUI problems. Version 14.1.0 [*] This version has some changes in the way hashes are loaded into the program on live systems. It works in a little bit more correct way now. [*] French interface update. [!] The program was unable to load Windows PINs on some systems. [!] Some interface problems were eliminated. [!] The hash auto-selection option was not working properly sometimes. Version 14.0.0 [+] Support for Windows 21H2. [+] Support for GPU devices when recovering Windows PINs. The process of the PIN recovery became much easier now. [+] A simple mask attack was added to the fast PIN search dialog. [+] The statistics report outputs some additional info about wordlist: the number of Latin, non-Latin and digital words, words with special and non-printable characters, etc. Word processing speed has been increased slightly. [+] Support for Reset Windows Password backup files when loading hashes into the program. [*] The Active Directory Explorer has got some new attribute descriptions. [*] The built-in English dictionary was updated. Some new popular passwords were added. [*] Some improvements in algorithm for extracting plaintext Windows PINs. [*] The import hashes from local machine now loads Windows PINs as well. [*] The dialog for loading hashes from binary files has been reconstructed. An additioanl tab for importing Windows PINs was added there. [*] Speed optimization when recovering Windows PINs. Up to 8-x speedup for CPUs with AVX2 instruction set. [*] Significant speedup when packing (Wordlist conversion, registry/AD back tool) and unpacking (AI attack, miscellaneous wordlist tools, etc.) ZIP files and data. [*] Some changes in program's options. [*] Update for French and Russian interfaces. [*] Some GUI enhancements. [!] A minor Windows Hello engine initialization bug was fixed. [!] The dictionary feature "sort by string length and save to multiple files" worked incorrectly. [!] DCC hashes were stored improperly in project files and caused problems sometimes. [!] Some problems unpacking data and files from damaged ZIP archives were fixed. [!] Some memory leaks in DCC2 recovery when a password is found. [!] The GPU dic-force attack was working incorrectly (for DCC2 recovery only). Version 13.3.0 [+] Support for NVidia 3xxx GPUs. [+] Windows PIN history decryption. [*] Now the program can extract and display owner names to Bitlocker recovery passwords stored in Active Directory. [*] Lookup Bitlocker recovery passwords even for deleted Active Directory accounts. [*] Some visual improvements. [*] New speed benchmarks. [!] Attribute extraction was not working sometimes in Active Directory Explorer tool. [!] A problem detecting fan speed on NVidia GTX and RTX cards was fixed. [!] Sometimes the program was unable to decrypt LM hashes automatically when correspondent NT passwords were found. [!] A bug has been eliminated running PIN bruteforce. Version 13.2.0 [+] The tool for creating wordlists by indexing file content supports multithreading now. The files are processing much much faster on CPUs with multiple cores. [+] The wordlist generation tool got a new option for creating dictionaries by names enumeration only, skipping file content. [*] A new and improved version of HTML parser: faster processing speed, fixed some problems with character encoding. [*] Windows Server 2003 and higher OSes store noisy (randomly created) data in LM slots if the LM authentication is disabled on the server. The new version of the program has a new option for zeroing out the trash LM hashes if they do not conform to the real passwords. [!] A bug decrypting Windows Hello credentials was fixed. [!] A searching text bug in hash list was fixed. Some text with national characters (if ones were not corresponding to the default codepage) were processed incorrectly. [!] A memory bug decrypting some Windows Hello credentials has been eliminated. [!] A buffer overflow error. Version 13.1.1 [!] A bug in general options that wasn't allowed to utilize all available hardware (affects Advanced editions only). Version 13.1.0 [+] Support for TPM when recovering Windows Hello credentials. [+] Support for NVidia Ampere GPUs. [*] Some minor improvements. [*] Dictionary parser now supports some new string token rules. These rules are very useful when one needs to process or parse a dictionary or a dump using our Wordlist tool for example. [*] Some problems were fixed diplaying the program on high resolution devices. [*] Now you can set a custom description for a history hash entry. Previous versions do not allow changing this data field. [!] A problem with AI attack has been fixed. The program stopped unexpectedly during an AI attack using certain PC configurations. [!] Sometimes the program popped up with a kernel error when running a bruteforce/mask attack on LM hashes using NVidia [!] An error opening the rainbow table generator was fixed. [!] Automatic configuration in Hardware Configuration Wizard was performing incorrectly for Intel devices. Version 13.0.2 [+] Italian user interface. [!] A security issue has been fixed. [!] A seriopus error decrypting Chromium-based passwords has been fixed. Version 13.0.1 [*] Some speed-up when importing hashes from big NTDS.DIT files. [!] Sometimes the passwords for NTLM hashes were not checked properly which caused different errors. [!] A language switching bug has been fixed. Version 13.0.0 [+] Support for domain cached credentials recovery. Now the program got two new recovery formats in addition to LM and NTLM: domain cached credentials type 1 and type 2. Both formats are used to store hashes of the passwords of domain users. Password decryption for DCC2 hashes is very slow (~50 000 times slower compared to NTLM hashes). You should always keep it in mind when recovering DCC2 hashes. Furthermore, DCC hashes are enforced with salt. It means that, unlike LM/NTLM hashes, the recovery speed for DCC is in inverse ratio to the number of hashes. So recovering 20 DCC2 hashes is already 1 000 000 times slower compared to 20 NTLM hashes. It's a little bit different with DCC1 hashes however. The program uses some optimization tricks that help to improve the speed ratio when recovering multiple DCC1 hashes. [+] Support for some new file formats when reading DCC hashes. The program now imports DCC hashes from Passcape *.peif files, Elcomsoft *.dcc projects, Cachedump files, John the Ripper textual files as well as from the raw Windows registry. [+] The wordlist tools support for processing multiple files at once now. You can set a folder name as input to process all its files in a single operation. [+] New rule ?r[C] in a hybrid dictionary syntax. Using this rule helps to filter out certain unnecessary words easily. For example, numerical or uppercase ones. Setting up this rule in conjunction with 'hex' (i.e. ?r[hex]) can be used to bypass hashes as input words. This feature was most requested by users who often need to process and clean up their wordlists. [+] Extracting plaintext passwords for domain cached credentials. On some systems, the program extracts some textual passwords of domain accounts instantly. [+] Password reset for domain cached credentials. [+] Brazilian Portuguese interface language. [*] The wordlist combining tool works a little bit faster when adding a huge list of files. Operation progress is displayed now and all input files are checked against duplicates now. [*] The wordlist combining tool additionally got new capabilities for adding new files and folders using a file mask as input. [*] The wordlist tool for wiping out HTML tags now additionally converts hex-like passwords (like $HEX[313233]) into its textual representation. [*] Some enhancements when accessing protected system folders on 64-bit OSes. [*] Support for a new type of password encryption that was introduced in Google Chrome v80 as well as in other Chromium browsers. New version of the Google Chrome encrypts passwords using the AES-256-GCM algorithm and a system-generated 32-byte random key protected with DPAPI. It affects the following program's features (this is where the new Chrome algorithm is used): Artificial Intelligence attack, the password indexation tool, hash import. [*] Support for Lockwise password encryption when extracting passwords out of Mozilla-based applications like Firefox, SeaMonkey, K-Meleon, etc. The Lockwise password manager (on desktop, this is a part of Firefox 70+) has got new and enhanced protection based on AES-256 cipher and SHA-256 hash algorithms. [*] New speed benchmarks. [*] Some interface enhancements. [*] The format for saving attack progress has been changed and is no longer compatible with previous versions of the program. It's strongly recommended to complete all current recovery tasks before upgrading. [*] Update for French and Russian interfaces. [!] A error loading/saving sound events was fixed. [!] A error recovering SAM/AD passwords using AI was fixed. [!] Some Windows XP incompatibility problems were fixed. Version 12.2.0 [+] New speed benchmarks for AMD CPU and GPU devices. [+] Interactivity was added to the password and group reports. Now it's easy to save some additional information to a file by mouse-clicking on an element of the reports. [*] Up to 5% speedup for some Nvidia GPUs in brute-force recovery. [*] The program uses new default parameters in GPU attacks now. That helps to get a better load for GPU devices right out of the box. [*] Some changes in the way passwords are caching. The global password cache is not shared among programs any longer. [*] Additional checks for GPU kernel execution timeout were added. [*] Some visual enhancements. [*] The end of support for old NVidia CUDA 2.x devices. [!] Some GPU parameters were not saving properly in hybrid and dictionary attacks. [!] An error in a mask attack using GPU. Using an input mask that exceeded 16 elements often caused the program to pop up with an unforeseen error. Version 12.1.0 [+] Support for Windows 10 1909. [+] AMD Radeon VII speed benchmarks. [*] Update for French and Russian interfaces. Version 12.0.0 [+] Hash Import Wizard. A new and easy-to-use way to load Windows hashes into the program. [+] Hardware Configuration Wizard. With this Wizard it's easy to detect automatically an optimal hardware configuration and use it in password recovery. [+] Password Recovery Wizard is aimed to help recovering passwords easily and painlessly instead of going through multiple steps of setting up different attack options. You can choose between two automatic and one custom mode. The custom mode offers different options based on commonly used scenarios. [+] Mask and GPU mask attacks have been revised significantly. Now you can specify multiple masks to be used within a scope of a single mask attack. [+] New mask generation tool. The tool creates multiple masks using a wordlist with real passwords as input. The tool also allows sorting the generated masks by alphabet, popularity, and length. [+] A new option in the Fingerprint attack has been added. Using this option you can limit maximal allowed password length for a Fingerprint attack. In some cases, it helps to improve performance by decreasing the attack time. [+] Better support for international passwords. The program now comes with the following international dictionaries: Arabic, Chinese, Czech, Danish, Dutch, English, Finland, French, German, Greek, Hindu, Italian, Japanese, Korean, Latin, Norwegian, Polish, Portuguese, Russian, Slovenian, Spanish, Swedish. [+] Passwords template generation as well as AI algorithms (used in Recovery Wizard only). [+] Interactivity was added to account statistics (in Report tab). Now it's possible to save some additional information to a text file by mouse-clicking a part of the report. [*] The format of *.msk files has been changed. Now you can set multiple masks and character sets there. The program can perfectly read *.msk files in ASCII/UTF8/UNICODE16 formats. [*] New and much more sophisticated way the program checks for passwords when importing hashes using Hash Load Wizard. For example, if the program detects TBAL secret when importing hashes from another machine, it will try to scan and decrypt all available plaintext passwords first (Google Chrome, Firefox, Microsoft Internet Explorer and EDGE, remote desktop, WAN, LAN, etc.) Then WPR will generate password probabilities based on found credentials and will finally use the probabilities to guess logon passwords. [*] DPAPI code has got some updates. Now it has new algorithms to provide better utilization of some recently found vulnerabilities. [*] Some changes in Batch attack. [*] Processing a big list of hybrid rules caused some delay in Hybrid and Batch attack options. This version has a brand- new rule packing algorithm that allows both decreasing memory usage and increasing the parsing speed. [*] Some Visual enhancements. For example, in Preliminary options, you can use a single checkbox to tick all sub-attacks. [!] Some options of the Artificial Intelligence attack were displaying incorrectly. [!] An error initializing the GPU monitor was fixed. Sometimes the program threw GPU temperature warnings. [!] An error in Online recovery was fixed. Sometimes the program was unable to connect and download passwords from the Internet. Version 11.7.1 [*] The new version of Windows has slightly changed the way biometric databases are stored. If the files are locked by the system, the program unlocks them for further extraction and decryption of digital identities. [!] Sometimes it was impossible to view passwords cached by the program (in General options). Version 11.7.0 [+] Support for Windows 10 1903. [+] Support for Trusted Boot Auto-Logon. [+] Decrypted LSA secrets can be saved to files now. [*] New speed benchmarks. [*] Some enhancements in GPU health monitor. Better error diagnostics. [*] Changes in Hybrid dictionary engine: new mutation rules, some improvements when importing Hashcat rules, etc. [*] In Batch options now you can append saved batch attacks to existing list instead of just replacing it. [!] Sometimes the program failed unexpectedly when a password was found. Version 11.6.3 [!] After updating a big list of hashes, the program may pop up an infinite modal message. Version 11.6.2 [+] New rules file (duplicates.ini) for a hybrid dictionary attack. The rules generate multiple duplicate words out of a given dictionary. [!] A workaround for memory bug when saving/loading big project files. Version 11.6.1 [!] Sometimes the demo version failed unexpectedly after demo message notifications. Version 11.6.0 [+] Support for Windows 10 RS5 and Windows Server 2019. [+] Support for new GPU devices. [+] GPU health monitor. [*] The hardware monitor has been changed. Now it also shows retain and abort temperatures. [*] Some internal changes in recovery engine. [*] Support for the newest versions of Firefox when extracting local passwords in AI attack and in Wordlist indexation tool. [*] Speed improvement in LM password recovery (for AMD and NVIDIA GPUs only). Up to 80% speedup for some GPU devices. [*] Minor changes in default rule-file (Yurets.ini) of a Hybrid dictionary attack. Some rules were cut as they have generated multiple errors in a Chinese version of Windows. [!] A error caused by AMD drivers was fixed. The program crashed unexpectedly when launching AMD kernels on some drivers. It turns out that some versions of AMD drivers report they have support for SPIR but in fact they do not. Moreover, trying to compile a SPIR binary using the drivers may ruin the program (as well as any other application who call the SPIR compilation routine). This version has a workaround for the problem. [!] Buffer overflow bug in dictionary merge tool. [!] A problem saving Batch attack options has been eliminated. [!] The program ignored and skipped some passwords when running a GPU Hybrid dictionary attack and the source dictionary file contained certain non-English characters. Fixed now. Version 11.5.6 [!] Fixed some problems running the program on Windows XP. [!] Fixed a error starting the program on 32-bit OSes. Version 11.5.4 [*] Update for French manual. [*] New speed benchmarks. [*] Security issue. Version 11.5.3 [+] Support for Windows Hello. This version comes with a set of tools to analyse security of Microsoft's brand-new biometric authentication. This set includes the following tools: - Find and decrypt logon credentials stored by Windows Hello - Decrypt biometric databases and extract digital identities used to authenticate in Windows Hello - PIN recovery [*] Support for Windows 10 Spring Creators Update. [*] Some CUDA GPU kernels were recompiled due to NVidia compiler bug. [*] Update for French and Russian interfaces. Version 11.4.1 [*] New rules file (over 610 000 rules) for Hybrid dictionary attack. [*] Some enhancements checking/mutating cached passwords. [*] Security issue. [!] A bug in DPAPI master key analysis. Sometime the programs was unable to properly analyse encryption flags for certain master keys. [!] Some problems detecting OpenCL version were fixed. [!] Fixed a bug running GPU Hybrid Dictionary attack. The program failed showing 'No rules were set' error message on some configurations. Version 11.3.0 [+] Support for 7z archives. [+] Support for Windows 10 Fall Creators Update. [+] Support for newest AMD GPUs. [+] Support for NVidia Volta GPUs. [!] Fixed a problem recovering instantly some passwords to plaintexts on Windows 8 and Windows 10 x64 machines. [!] GPU hybrid dictionary properties were not saved properly in Batch recovery. [!] Wordlist sorting tool worked incorrectly for non-Latin characters with 'Ignore case' option set on. Version 11.2.2 [+] Two new rule-files for Hybrid attack. [*] Security issue. Version 11.2.1 [+] Support for new AMD devices. [*] Changes in license options. [*] Security issue. [!] User selection bug. [!] Fixed a bug processing screen messages with some special characters. [!] Fixed a bug exporting passwords to *.pot files using alternative algorithm (when the SHIFT key is pressed). User names were incorrectly saving in Windows (but not in UTF-8) encoding. Version 11.2.0 [*] GPU hybrid attack for CUDA devices was rewritten completely. That helped to increase recovery speed up to 50%-60% for NVidia Kepler and Maxwell devices. [*] Some optimization in GPU Mask attack when recovering NTLM passwords. The speed improvement varies from 10%-20% for Intel and AMD devices and up to 100% for some CUDA GPUs. [*] Security issue. [!] Fixed a minor problem processing 'i' and 'I' rules in Hybrid attack. Version 11.1.2 [!] Fixed a problem setting up some found LM half passwords in post-attack final mutation. Version 11.1.0 [*] Support for new data storage format when decrypting DPAPI cloud keys. The keys are used by multiple modules of the program mainly when decrypting private data for Microsoft accounts. Namely in DPAPI decoder, Windows Vault Explorer, network credentials decrypter, etc. [*] Pass-o-meter dialog has been changed slightly. Now user can set a custom speed to check password strength. [*] Some changes to keep up compatibility with Windows 10 when extracting plaintext passwords from memory. [!] GPU bruteforce settings were not saving properly in Batch attack. [!] Fixed a bug decrypting some passwords for HomeGroupUser$ user accounts. Version 11.0.2 [!] Fixed a error reading old project files (v10 and earlier). Version 11.0.0 [+] Support for a brand-new encryption scheme of protecting password hashes in SAM file. The new protection came with Windows 10 Anniversary Update. The update affects the following features: load hashes from binary registry files, LSA secrets dumper, SAM explorer, DPAPI decoder, Windows Vault explorer, Offline password remover. [+] Support for Windows Server 2016. [+] Support for Intel GPUs. [+] Selective data export to CSV file. [*] Now output POT file format (when clicking 'Export to POT' button) can be altered by holding down SHIFT key. [*] New default dictionary with more popular passwords. [*] LM speed improvements in GPU recovery. The exact numbers depend on recovery type and GPU device used. [*] Speed improvements in GPU Hybrid attack for NT hashes. [*] Up to 30% speedup for NVidia GPUs in Fingerprint recovery for NT hashes. [*] Up to 30% speedup for NVidia GPUs in Mask attack for NT hashes. [*] Update for French and Russian interfaces. [*] Some improvements. [*] Support for dates in UTC/GMT format when extracting AD attributes in Active Directory Explorer tool. [!] Fixed a bug in Russian interface. [!] The program had some problems extracting certain attributes in Active Directory Explorer. Version 10.4.0 [+] New speed benchmarks. [+] Added support for NVidia Pascal GPUs. [+] Added support for AMD Radeon RX 400 Series GPUs. [+] New Office 2016 black GUI color theme. [*] Support for AMD Radeon 5XX/6XX series was dropped. [!] Fixed a error in GPU Hybrid dictionary attack. Some password mutation rules were not working correctly. Version 10.3.0 [+] The program can now extract and decrypt Active Directory plaintext passwords set by Local Administrator Password Solution (LAPS). [+] New feature for extracting recovery passwords to Full Volume Encryption (FVE) volumes. The passwords are stored in Active Directory. [+] Radius plaintext password decryption when importing Active Directory accounts. [+] New module for extracting other AD sensitive information like UNIX-compatibe passwords, script execution passwords, etc. [+] Support for new AMD devices. [+] Support for hash load from L0phtCrack export sessions. [+] Support for decrypting and editing Active Directory secrets (in Active Directory Explorer tool). [+] New password recovery speed benchmarks. [+] Offline Password Remover can show password hints now. [+] Support for Windows 8/10 LiveID accounts in Offline Password Remover tool. [+] SAM Explorer tool supports viewing password hints (if any). [+] Support for Windows 8/10 LiveID was added to SAM Explorer tool. It can view and edit LiveID extended attributes as well. [+] New 5 visual themes for reports and statistics. [*] Import from LCS files is no longer supported. [*] Some enhancements in Vault Explorer and DPAPI decoder tools. [*] Support for new Active Directory encryption that is used by default in Windows Server 2016 TP4. [*] Starting with this version, Active Directory Explorer can operate in two working modes: 1. Using native parser engine 2. Using Extensible Storage Engine [*] More plaintext passwords extraction and decryption from LSA secrets (when loading hashes into the program). [*] Some Windows x64 compatibility workaround. [*] Real LiveID account's name retrieval when importing hashes from raw SAM files. [*] New message pool class was implemented to avoid program's deadlocks. [*] Some enhancements when importing plain hashes from text files. [!] Minor interface bug. [!] A minor bug was fixed in Windows Vault explorer tool. Some Vault entries of domain accounts were not decrypting properly. [!] Interface bug in SAM Explorer. The tool didn't switch to edit mode sometimes. Version 10.2.3 [*] Better tag wiper algorithm in wordlist extended tools. [*] Main dictionary file that comes with the program was increased by 1MB. A lot of top and popular passwords were added. [!] AMD initializing bug in GPU Bruteforce and GPU mask attacks. [!] The program was unable to import hashes from volume shadows on some 64-bit PCs. Version 10.2.0 [+] French documentation (help file). [*] Update for French interface. [*] Minor update in English documentation. [*] Some visual enhancements. [*] Now it is possible to add binary data as LSA secrets. As well as to copy/paste hexadecimal or Regedit buffers. [!] Fixed hangout bug in Baseword attack. Version 10.1.0 [+] New word grabbing module in AI attack and HDD indexing tool. This modules searches and enumerates all words in Windows registry. [+] New option to save project automatically every time new attack is starting or stopping. [+] Support for passwords derived from DVORAK and AZERTY keyboards in preliminary attack. [+] Check for passwords with non-standard characters in Preliminary attack. [+] New 'Export to POT' feature to save found passwords and hashes. [+] Support for Japanese and Thai character sets. [+] New benchmarks. [+] New Office 2016 visual themes. [*] 3 major changes in Mask attack syntax: 1. Now you should set UNICODE character codes in %r sequence instead of ASCII codes. 2. You can use both decimal and hexadecimal numbers when setting %r or %d sequences now. For example, %r(0x0600-0x06ff) is equal to %r(1536-1791). 3. New dynamic charset %* is aimed to use a character from the full ASCII table (codes 1 - 255). [*] Significant improvements in the module for guessing passwords which were based on keyboard combinations. [*] Some minor enhancements in user interface. [*] Some minor enhancements in internal engines, like better support for Firefox password extraction, etc. [*] Changes in Credential history dumper interface. Support for Windows 10. [*] Credential history analyser supports for Windows 10 now. [*] Changes in DPAPI Masterkey analyser. Support for Windows 10. [*] Changed internal logic in DPAPI decoder tool. Support for Windows 10. [*] Windows Vault Explorer supports Windows 10 now. [!] Minor interface bug in Vault Explorer. [!] Fixed a problem with CPU brute-force recovery. It was not working at all with some Asian character sets. [!] Fixed a problem in Mask recovery (both CPU- and GPU-based attacks). The program failed to find any Chinese, Japanese, Arabic, etc. passwords. [!] Minor bug in Wordlist Merge tool. [!] A error reading big PCD files was eliminated. [!] ?i and ?o rules were working incorrectly in Hybrid dictionary attacks. [!] Fixed a critical error in smart mutation engine. Version 10.0.3 [!] Fix a error in GPU mask attack. Some masks were not working correctly. Version 10.0.2 [+] New Hybrid dictionary attack for GPU. [+] Now the program can search for plaintext passwords on remote PCs when importing hashes remotely. This feature is on by default. [+] 5 new report themes. [+] 5 new account reports and 2 password reports. [+] Support for new AMD devices. [+] Support for Windows 10 in GPU recovery using AMD hardware (AMD Catalyst 15.7 is required). [+] New rules for the Hybrid dictionary attack. [*] The GPU password recovery engine was redesigned completely. GPU kernels were revised too. Rewriting makes these attacks much faster (up to 2x faster for certain GPUs). However, in order to gain most of your hardware and the new engine, you will have to play around and tune once the 'Thread blocks' option in some attacks. [*] Some unnecessary GPU options were omitted. [*] Additional checkout in GPU Dictionary options. [*] Some annoying warnings were suppressed when working with ntds.dit files. [*] Maximal password length in GPU Mask attack was increased up to 27 characters. [*] Update for French and Russian interfaces. [*] NVidia CUDA 1.1 - 1.3 devices are no longer supported. [*] Some workarounds for the error 86 when importing hashes remotely in Windows 8/8.1 [!] Minor problem in bruteforce options dialog. [!] Fixed a problem with the Base-word attack. The program sometimes failed unexpectedly when certain options were set. [!] Fixed minor problem with rule 'S' in Hybrid dictionary attack. [!] A remote PC connection bug has been eliminated. The problem was in incorrect program's behavior when detecting a type of the remote PC. The error manifested itself mostly on 64-bit machines. [!] Minor problem in Russian interface was fixed. Version 9.8.3 [+] Now it is possible to extract any attributes from Active Directory accounts and save them to text file. [+] Added 4 new Hybrid rules. [+] Added 2 new ruleset files for Hybrid attack. [+] End of attack indicator now shows time when attack is to be finished. [*] Some minor interface improvements. [*] Several improvements in Wordlist tool. [!] Fixed a problem in Active Directory Explorer tool which caused to incorrect displaying AD objects. [!] A serious error was eliminated in GPU brute-force and GPU mask attacks. Some passwords could be skipped for a certain configuration. Version 9.8.2 [+] Support for Windows 8/10 in DPAPI credentials history engine. [!] Fixed several errors in SAM Explorer. [!] Fixed a problem which caused some plaintext passwords to be skip when importing hashes from *.PUC files. Version 9.8.1 [!] A memory bug in opencl engine. Sometimes the program may crashed on certain AMD GPUs. [!] Fixed some messages in Russian interface. Version 9.8.0 [+] Hash checking algorithm has been completely rewritten. The program now runs much faster on big list of hashes. [+] NTLM performance for NVidia Maxwell devices was increased significantly. Thus NVidia 750Ti GPU cards are ~40% faster now. [+] Added animation to reports. [*] CUDA 1.0 compatible GPUs are not supported any longer. [*] The "Password-list analysis -> Character set ordering" report has been revised. [!] Fixed a bug in Batch recovery. Some interface controls may become disabled after a Batch attack is over. [!] Fixed a minor interface bug in benchmark dialog. [!] The "Password-list analysis -> Character sets" report displayed incorrect values sometimes. Fixed. Version 9.7.1 [+] New speed benchmarks. [!] Sometimes ':' rule was not processing in Hybrid dictionary recovery. [!] Fixed a error in Brute-force options. Some predefined custom character sets were not loading correctly. [!] Fixed a minor bug in Batch recovery. Version 9.7.0 [+] The DPAPI decryption tool can now decrypt DPAPI blobs for domain users using the domain backup key. So now you can recover DPAPI secret of domain users WITHOUT even knowing the owner logon password! [+] The DPAPI decryption tool now supports binary blobs that were encrypted using local service and network service accounts. [*] GPU kernels were recompiled using new AMD drivers. Problems with LM hashes were fixed (hopefully). [*] Windows Vault explorer now fully utilizes new DPAPI flaws we have found recently. [*] Hybrid rules were updated, multiple new rules were added. [*] Syntax for Hybrid attack was changed slightly. Now you can use character bitwise shift operations. [*] Some changes in dictionary caching algorithm. [*] Update in French and Russian translations. [*] Help files were updated. [!] Fixed a problem backing up current user's registry files. [!] A bug was fixed: hash import from remote machine was working incorrectly on some shares. [!] Some minor bugs in Active Directory viewer tool have been eliminated. Version 9.6.3 [+] Support for NVidia Maxwell GPUs. [+] Support for some future AMD GPUs and APUs. [+] Added support for plaintext password recovery of the currently logged on user in Windows 8.1 and Windows Server 2012. [+] 15 new group reports. [+] Active Directory backup tool is fully compatible with 64-bit Windows now. [*] DPAPI decryption tool now actively utilizes Windows Server 2003-2012 vulnerability (some DPAPI blobs can be decrypted without even knowing the owner logon password). [*] Active Directory offline dumper has been rewrittem completely. [*] Active Directory offline dumper now shows information for all domain object but not only user-related info. [*] Some workarounds in cryptographic module to support Windows 8 and Windows 2012 when decrypting DPAPI blobs and Master Keys. [*] French and Russian interfaces were updated. Version 9.5.0 [+] Artificial Intelligence attack now has a brand-new recovery mode that allows you to search passwords by indexing raw physical sectors of selected drives. [+] Base-wordlist recovery has been rewritten. Now it has two operating modes: single word and multiple input words. [*] Password mutation algorithm in the Base-word attack has been revised to keep more balanced load. [*] Several enhancements in Preliminary attack. [!] Fixed a critical error parsing Outlook *.pst files. AI attack and disk indexation tool may failed unexpectedly. [!] Fixed internal bug. Sometimes the program failed unexpectedly in certain password recovery attacks. Version 9.3.0 [+] New password recovery speed benchmarks. [!] Fixed a bug in password recovery time report. The statistics was not updated properly. [!] Fixed a problem opening a project moved from another PC. Now if the program detects that the opening project was not created on a current PC, it resets the hardware configuration and asks user to revise other options. [!] Some damaged ntds.dit files may caused the program to enter a endless loop when importing hashes. Fixed now. [*] Some changes in GPU recovery engine to support NVidia future devices based on CUDA 5.0 cc. [*] Update for French language interface. Version 9.2.4 [+] Spanish translation. [!] Some minor interface and translation bugs. Version 9.2.3 [!] Fixed a memory leak error in Pass-phrase recovery. Version 9.2.2 [!] Fixed versioning problem. [*] GPU device info is writing in log window now. Version 9.2.1 [+] New option to turn on/off sliding transition effect in wizards and property sheets. [*] Changes in auto-complete registry algorithm. [*] Some changes in registry backup dialog. Now it runs several times faster than before. [!] Setting a startup password in GPU brute-force attack sometimes caused a error (NVidia devices only). [!] Welcome dialog was not updated properly after choosing a new language. Version 9.2.0 [+] 6 new rules for the Hybrid attack. [+] HTML link extraction tool. [+] New speed bencmarks for NVidia and AMD devices. [+] Added character sets with new languages. [+] The program can import plain LM/NTLM hashes now. [+] Added 4 new color themes to reports. [+] New password recovery module to recover group policy plaintext credentials in a domain. The module works both in online and offine modes. [+] Added 3 new wordlists for Combined dictionary attack: - combdic_top1000.pcd - top 1000 frequently used English words - combdic_top5000.pcd - top 5000 frequently used English words - combdic_big.pcd - > 47000 frequently used words & passwords [*] Changes in password mutation engine. [*] The program now comes with new 20 Mb dictionary. [*] Some changes in license restrictions. [*] Minor changes in LSA secret dumper. [*] Update for French interface. [*] This version comes with unoptimized LM kernels for AMD devices. Unfortunately AMD OpenCL compiler produces invalide code for certain bitwise operations. So we had to turn optimization off completely in order to make it work properly. [*] Several visual enhancements. [*] GPU brute-force algorithm has been revised (both LM and NTLM). Up to 10% speedup for some GPU devices. [*] Speed reports have been revised. [*] New options for selecting disabled, locked or history hashes in the list. [!] Batch attack bug. Sometimes the program failed with critical error when running a Batch attack. [!] Hash edit bug. After a hash was changed manually, the password state was not updating properly. [!] Fixed a timeout problem when reading a big list of Active Directory hashes from a slow domain PC or from highly fragmented AD databases. [!] Fingerprint progress bar indicator showed incorrect values when processing PPP items. [!] Fixed a problem with LM recovery. Sometimes the program failed to find a second half of LM passwords, even if it had to. [!] Fixed a bug in GPU benchmark dialog. Version 9.0.9 [+] Support for AVX2 CPU instruction set. [+] Support for future AMD Radeon Rx 200 series GPUs. [+] Artificial Intelligence attack and HDD indexing tool support password recovery of newest versions of Opera browser now. [+] Support for password recovery of almost all Chromium-based browsers: Google Chrome, Orbitum, Torch, CoolNovo, Comodo Dragon, RockMeIt, SRWare Iron, Yandex browser, Epic browser, etc. [+] The Hybrid syntax has been revised significantly. Added 9 new rules. The program can import hashcat and passwordspro rules. The syntax accepts white spaces and comments. Some improvements in the rule parsing engine. [+] Several thousands of new Hybrid rules were added. Total number of rules exceeds 180000. [+] The program has now full support of DPAPI history credentials when loading hashes from local PC. Once a password is found for a local user, the program will try to decrypt all DPAPI history credentials stored by the system. Previous version of the program was able to extract credentials of the current user only. [+] New GPU speed benchmarks. [+] New system password lookup module was added. Affects AI attack and password search tool. [*] Up to 20% speedup in GPU fingerprint recovery for certain GPU devices. [*] The Pass-phrase mutation engine has been rewritten from scratch. New rules were added, some were omitted. Great speed optimization has been done: all ultra mutation modes run more than 10 times faster now. [*] Changes in asterisk password viewer tool. Asterisk revealer DLL is loading dynamically now. [*] The program was rebuilt under new environment. Unfortunately it is no longer compatible with Windows 2000. [*] The program got rid of some annoying warnings in GPU monitor and general settings. [*] Changes in the Base-word attack. The program generates more variants for the given word. [*] A lot of improvements for better compatibility with 64-bit Windows. [*] Some minor changes in Smart mutation engine. [*] More accurate 'Time left' progress for some attacks. [*] Update for Russian and French interfaces. [*] Changes in edition restrictions. [!] HTML files parsing bug. The error caused some words and passwords to be ignored and skipped. Affected the following items: Artificial Intelligence and Online attacks, Wordlist utilities, plaintext password searcher engine. [!] Fixed a serious error in GPU mask recovery. Some passwords were skipping during the attack. [!] Fixed a problem with AMD Radeon Cedar devices. Some attacks were failed with an error on Cedar GPUs. [!] Pass-phrase attack bug. International phrases were parsed incorrectly sometimes. [!] Some rules with leading or trailing spaces were not handled correctly in the Hybrid recovery. [!] Fixed total password calculation bug in Combined dictionary attack. [!] Custom charset selection bug in GPU Dictionary Force attack. Version 8.2.1 [!] Fixed a problem with damaged accounts when importing hashes from ntds.dit file. [!] Active Directory improper handling. Sometimes the program was unable to read AD in online mode. [!] Numerous interface bugs were fixed. [*] Changes in Baseword attack. [*] Changes in French and Russian language interfaces. [+] Wordlist utilities were updated. Now it can wipe HTML tags (like ,

, ), HTML entities (for example,  , &,   "e;) and other trash out of dictionaries. Version 8.1.3 [*] Update for French user interface. [*] Some changes in Brute-force recovery. [!] Base-word attack bug. The program generated too many passwords and too much memory were used in hard mutation mode which caused different exceptions. Version 8.1.2 [+] 2 new hybrid rules. [*] Several improvements in Artificial recovery module. [*] Update in OpenCL engine, added support for new AMD GPUs. [*] Wordlist utilities have been revised. Added output format switcher to create directly ASCII, UTF8 or UTF16 wordlists. New features in the wordlist creation tool, feature to convert HTML entities. [!] Mask recovery bug was fixed. [!] Active Directory read bug. Version 8.0.9 [!] Security issue. [!] Sometimes multiple selected AMD GPUs were not working. [!] Wordlist utilities: PCD file generation error fixed. [!] Import from remote PC didn't work properly. [*] wpr.pcd file has been updated Version 8.0.8 [+] Support for AMD video cards in GPU-based password recovery. [+] Support for Windows Server 2012 (Active Directory hashes import, AD explorer, AD password remover, etc.) [+] Full support for Active Directory passwords that are stored using reversible encryption. The program can now instantly extract and decrypt the reversibly encrypted passwords from both online and offline AD databases. Old Windows servers are supported as well. [+] New Office 2013 visualization themes [+] Wordlist generator in Dictionary attack. [*] Minor fix to support newest InsidePro format when importing hashes into the program. [*] Several improvements in Base-word recovery. The attack can generate more passwords now. [*] Wordlist generators have been revised, fixed some minor problems. [*] Several visual enhancements in reports and statistics. [!] Fixed serious error which caused to improper enumeration of non-English words in files. Wordlist utilities and Artificial recovery were affected. [!] Fixed some problems when recovering LM hashes. [!] Fingerprint recovery failed sometimes when processing strings with invalid characters (ASCII < 32). [!] GPU brute-force recovery worked incorrectly for passwords with national characters. [!] Last character truncation error saving found passwords to log file. [!] Fixed RAR and ZIP archive processing error [!] Fixed mime attachment parsing error in Artificial Intelligence recovery [!] Fixed multithreading synchronization error. The program used to hung in some attacks due to the bug. Multithreading engine has been tuned up, so overall recovery speed increased slightly in some CPU-based attacks. Version 7.1.1 [+] New option to show deleted Active Directory accounts. [*] More correct handling of Active Directory UAC (User Account Control) flag. [*] Several minor improvements. Version 7.0.0 [+] The program can extract plaintext passwords for any (!) user account which uses biometric information to logon the system. This feature affects the most of laptops with a fingerprint reader and Windows 7-8 on board. [+] UPEK fingerprint password decoder. The program decrypts user logon passwords saved by UPEK fingerprint reader (most laptops ship with it today). [+] Windows Vault explorer. This is a tool for offline analysis and recovery of Windows Vault entries. [+] Support for GTX 6xx series GPUs. [+] Internet Explorer 10 passwords recovery (implemented in HDD password index tool and Artificial Recovery attack). [+] New GPU benchmarks. [!] Security fix reported by users. [!] Active tip files were not updated during automatic update. [!] Attack continue didn't worked properly in pass-phrase attack. [!] Buggy string conversion in ATL. Local strings were not converted to ANSI properly. [!] Bug in Mozilla password decryption module. Some local paths to Firefox/Mozilla/Thunderbird, etc. databases were treated incorrectly. [!] Unexpected failure processing command line options. Version 6.1.3 [!] Some debug information was stripped from the final exe file. [*] Better plaintext-password extraction when importing hashes from SAM. Version 6.1.2 [!] Bug in autoupdate. Version 6.1.1 [*] Security issue. [!] Bug in Russian translation. Version 6.1.0 [!] Fixed minor bug in recursive search for DPAPI blobs. [+] Significant update in DPAPI recovery engine. Now it implements a full support for Windows 8 DPAPI cloud and LiveID accounts. [+] The program can extract plaintext passwords for any (!) user account which was set to require picture password or PIN in Windows 8. [+] Support for Windows 8 in HDD password index tool. Version 6.0.2 [!] Artificial Intelligence attack fixup. The attack failed with critical error. Version 6.0.1 [*] Memory usage optimization when utilizing ulta mutation modes in Pass-phrase recovery. Version 6.0.0 [+] GPU temperature and usage monitor. [+] Brand-new dictionary-force attack (based on GPU). [+] Dictionary generator in Phrase attack. [+] In Combined dictionary attack new word insertion feature was added in addition to common mutations. Now you can insert words from second dictionary into words from dictionary 1. [+] Custom color selection in reports. Users can create their own report color themes now. [+] The program supports now the most of 64-bit Windows systems in plaintext password decryption of the current user account. [+] 3 new ultra mutation modes in phrase attack. [!] Error in GPU engine. Some GPU modules were not decrypted properly. The program failed unexpectedly. [!] Error in regular rainbow tables engine. Non-english passwords were not handled correctly. Affects both rainbow table attack and rainbow table generator. [!] Error in Passcape rainbow tables. Password longer than 27 characters were handled incorrectly. [!] HomeGroup plaintext password in Windows 7 was not decrypted properly sometimes. [*] Windows 8 RC compatibility. [*] Phrase attack for LM hashes has been speed up slightly, new password mutations were added. [*] The following built-in wordlists were refreshed: - wpr.pcd - common.pcd - combdic.pcd [*] Several minor improvements. Version 5.2.1 [!] Bugs fixed. [*] Improved compatibility with newer video cards. [*] Licensing changes. Version 5.2.0 [+] The program can decrypt plaintext passwords of the currently logged on users. [+] 2 new GPU-based recovery modules were added: GPU fingerprint attack and GPU mask attack. [+] Multi GPU support. Now you can use multiple GPU devices for faster password recovery. [+] Hybrid attack has a super-rule tab. Super-rules can be used over the top of and be applied to all other regular rules. [+] New option to duplicate found passwords to text file. [!] Some parameters were displayed incorrectly in Pass-o-meter dialog. [!] Online recovery bug fixed. Some requests to online database were not processed correctly. [!] F3 key incorrectly behaviour fixed. [*] WPR service DLLs have been rewritten to get rid of some unhandled exceptions. [*] Windows 8 compatibility [*] A lot of minor improvements in Hybrid dictionary attack: rules save option, new syntax checker engine, new ruleset file with all rules (used by default now), etc. [*] Now Hybrid attack allows you to use aN rule in conjunction with other rules. [*] GPU recovery engine has been rewritten to get rid of some floating problems. [*] 'Hash Add' dialog has been improved slightly. Now the hash or even PWDUMP text line is inserted automatically (from Windows clipboard) upon the dialog startup. [*] Several enhancements in Online recovery module. Version 5.1.10 [+] New GPU benchmarks. [+] Added NTLM import from PasswordsPro project files. [+] GPU bruteforce attack (supports CUDA-based card only). [+] Password recovery speed benchmarks for GPU. [+] New sophisticated password lookup algorithm (in Preliminary attack) allows to decrypt keyboard-based passwords based on complex patterns. [+] Several enhencements and new recovery sub-modules of the Preliminary attack. [+] The program has 2 new global options now: 1 Check for updates when the program starts up 2 Duplicate log messages to wpr.log file [+] New ruleset file with more than 74000 Hybrid attack rules. [+] Added 23 brand-new reports for password-list analysis. [+] Support for big wordlists in combined dictionary attack. The old version of the program allowed only to use wordlists that can be fit completely into memory and ran out of memory for big wordlists. Now it can as well process dictionaries directly from disk during the attack. [+] Added 2 new VS2011 like application look themes. [+] Added 2 new Report visualization themes. [+] Added 2 additional options when loading hashes from binary files. Now you can turn on/off loading: - history hashes - machine accounts' hashes - plaintext passwords [!] Fixed incorrect chart drawing in some reports. [!] Error in file sorting module has been fixed. Some files were not sorted properly. [!] Vista homegroup password read bug eliminated. The program failed unexpectedly trying to read specific homegroup data. [!] Artificial Intelligence attack bug. Opera browser passwords were parsed improperly. This caused to unhandled exception sometimes. [!] Fingerprint attack endless loop bug. The fingerprint attack went into infinite loot sometimes. [!] Sometimes attack progress was not saving properly. [!] Fixed problem in combined dictionary generator tool. Output words were generated improperly. [!] Fixed serious error in batch attack. Batch options were not saved properly sometimes which led to various implicit problems. [!] Password list was not updating sometimes when Batch attack was finished. [!] Hybrid dictionary attack error. Stop/Continue did not work properly for *.pcd files. [!] Some custom rules in "Wordlist tools->Additional operations" worked incorrectly and caused unexpected program's behaviour. [*] Over 20000 brand new rules were added to the english_words.ini ruleset file (ready-to-use in the Hybrid dictionary attack). [*] Phrase attack speed was increased slightly. [*] Combined dictionary attack has been rewritten. Now it runs a bit faster and eats less memory. [*] Minor cosmetic improvements. [*] Mask attack syntax was changed. [*] A number of visual enhencements. Version 4.0.6 [+] New password recovery method: Passcape rainbow table attack. [+] Passcape rainbow table generation tool. [+] New hybrid rules. [+] New mutation rules (affect all attacks). [+] New simple reports for saving cracked user names or passwords. [+] Mutation customization in Dictionary attack. Now you can setup each mutation option (clastered in 16 groups) separately. [+] New keyboard sequences in Preliminary analysis. [+] 6 new reports were added to account statistics: 1 Last 10 failed logon accounts 2 Last 10 changed passwords 3 Last 10 successful logons 4 Last 10 logoffs 5 Expired soon accounts 6 Regular vs never expired passwords [+] Support for packed wordlists. Now you can use RAR or ZIP archive as input dictionaries for attacks. There are some restrictions however: only ZIP and RAR archives are supported currently, ZIP archives should be compressed using deflate encoding only. [!] Some broken help links were repaired. [!] DPAPI search bug fixed. Sometimes the program went into endless loop when user clicked STOP button. [!] WPR stuck for big list of hashes in Rainbow table attacks due to non-optimal hash preparation. New algorithm implementation allows to get ride of the problem. [!] Fixed Windows 2000 compatibility bug. The program failed to start under Win2K systems. [!] Dictionary cache error. Some PCD wordlists were not cached properly. [!] Fixed a couple of minor problems in load/save Batch attack settings module. [!] Account statistics were not handled correctly if SYSKEY feature for SAM or NTDS.DIT file were set to "Startup Password". [!] Fixed minor problems in report view. [*] More efficient display of the progress in rainbow attacks. [*] Some changes in product licensing. [*] Better memory management for fingerprint attack. [*] Improvements in Active Directory reader engine. Some NTDS.DIT files (taken from Windows 2008 R2) were not parsed by the program. [*] Improvements in wordlist packer engine. [*] In reports you can set legend position to allow it to overlap the chart it belongs to. [*] Now you can additionally save data to text file in some reports. Version 3.3.1 [+] Online recovery attack. [+] Rainbow tables (*.rt) generator with multithreading support. [+] Reset statistics & reports button [+] New 'Password as numbers' mutation rule in preliminary attack [+] Wordlist convertion tool was expanded to be used in conjunction with custom filter based on hybrid attack rules. For example, to convert all words of a given dictionary to l33t, use the following simple filter 'sa@ss$sb8sl1so0se3si1st7'. [+] New rule added in the Hybrid Dictionary Attack: k Using the rule you can convert english words to non-english ones (based on installed languages in your system) and vice versa. [+] Added 3 new files with hybrid dictionary rules: nonenglish_words.ini - for non-english words mutation simple_dates.ini - date and month mutation l33t.ini - l33t mutation [!] Fixed memory allocation bug in Active Directory parser module [!] Fixed several problems in rainbow tables attack [!] Fixed unexpected failure bug caused by improper handling of some browse-edit controls. [!] Improper mutation engine problem was fixed. Some words were not mutated as expected. Affects all recovery attacks. [!] Security problems (licensing issue). [!] Hash selection bug was eliminated. Sometimes hashes were not selected properly after the password list was sorted. [*] Hardware monitor has been enhanced slightly. Now it displays CPU and memory usage for overall system, as well as current process information. [*] HtmlToText engine was rewritten from scratch. Affects the following items: AI attack, Online Attack, wordlist tools, HDD indexing tool, e-mail text extraction engine. [*] Several enhances in Fingerprint attack. Version 3.0.2 [!] Fixed CREDHIST dump bug. The program reported decryption error on some CREDHIST files. That's because the program can't say for sure whether the hash was properly decrypted or not. So the validation algorithm was changed slightly to eliminate the bug. [!] Hybrid.ini file for the Hybrid dictionary attack was absent somehow in the program's setup file. Version 3.0.1 [+] Hybrid dictionary attack [+] Chinese help file translation [+] SAM explorer [+] Active Directory explorer [+] A set of 6 tools for offline recovery of DPAPI blobs: - DPAPI offline decrypter - DPAPI data blob analyser - DPAPI data blobs finder - Master Key analyser - CREDHIST analyser - CREDHIST hashes dumper [+] New reports (account statistics) added: - Regular vs. disabled accounts - Regular vs. locked accounts - Accounts with/without password - User vs. machine accounts - Active vs. expired passwords - Administrators vs. limited users - Top 10 active users - Bad password logons [+] Now the program can dump CREDHIST history credentials when [*] Simplified fingerprint analysis has been impoved to handle more non-English passwords. importing hashes from local PC [!] Fixed Rainbow attack error. Rainbow options were not saved properly. [!] Fixed the error that may caused the program to fail when indexing Opera passwords from wand.dat file (Artificial Intelligence attack) Version 2.0.0 [+] Fingerprint attack [+] Simplified fingerprint analysis upon regular attack completion [+] LSA secrets dumper [+] Domain cached credentials explorer [+] Added 3 new mutation rules. Affects all attacks where password mutation is implemented. [+] AI attack can index Utf8-based text files now [+] The program is smart enough now to recover plaintext passwords using Windows Password Reset Disk [+] Added 9 new dictionaries (facebook names and social network's passwords) to the Passcape Online database: 1. facebook-firstlast.pcd, 30.7 Mb, 17 285 798 words 2. facebook-lastfirst.pcd, 15.1 Mb, 10 342 928 words 3. facebook-first.pcd, 7.4 Mb, 4 347 667 words 4. facebook-last.pcd, 9.4 Mb, 5 369 437 words 5. hotmail.pcd, 70 Kb, 8 101 words 6. international_curse.pcd, 20 Kb, 20 404 words 7. rockyou.pcd, 147.1 Mb, 14 344 385 words 8. russian_curse.pcd, 56 Kb, 4 504 words 9. vkontakte.pcd, 0.5 Mb, 44 436 words [+] Chinese translation for the user interface [+] Mutation engine was enforced by a set of 6 new mutation rules [*] The program has new disk-write engine now. It affects the following tools: project exporter, log saver, random hash generator, dictionary to hash generator, PCD files reader, fingerprint dictionary generator, mask dictionary generator, combined dictionary generator. Up to several times speedup in dictionary creation. [*] Online dictionaries list is loaded and processed faster now [*] The program warning now when the password cache is too big [*] Some improvements in Artificial Intelligence attack [*] WPR sevice has been changed to process LSA secrets and extract more plaintext passwords both from local system and from external registry files [*] Active Directory plaintext passwords are handled more accurately now. Active Directory plaintext passwords are used if either DOMAIN_PASSWORD_STORE_CLEARTEXT flag or msDS-PasswordReversibleEncryptionEnabled account property were set on. [*] More accurate SYSKEY handling [*] Password caching algorithm has been improved slightly. Project load and SamInside import work faster now. [*] Several enhancements in 'Import from binary registry' module. The program can extract more plaintext passwords now. [*] Password cache engine has been reconstructed [*] New Opera v11.10 wand.dat file format is supported both by AI attack and by dictionary generation utility now. Both can extract Opera search field history as well. [*] Some algorithms in password mutation engine have been improved [*] Progress save algorithm has been revised significantly. Now it is project-dependant. [*] Mask attack improvements. It runs much better on multi-core CPUs now. [!] Fixed error in Passcape Online dictionaries engine. WPR failed to download specific dictionaries sometimes from the online database. [!] Custom charsets in batch mask attack were saved/loaded to project file incorrectly [!] Time conversion bug. Time to string conversion routine worked incorrectly sometimes. [!] Fixed display problems painting pie slices in chart report control [!] SYSKEY read bug in password reset plug-in. The program crashed sometimes and was unable to read SYSKEY if it had been configured as a startup password or boot diskette. [!] Fixed some English grammatical errors [!] Improvement in PCD reader engine. Some corrupted *.pcd wordlists may caused program to fail. [!] Fixed problem with temporary directory creation [!] Fixed serious problem reading Utf8-based wordlists [!] Fixed 'Browse for folder' dialog bug. It hung sometimes when called (Windows 7 bug). [!] Fixed error in AI attack (wireless connection module). Some wireless passwords were not decoded properly. [!] Fixed some problems in Google Chrome decryption module of AI attack [!] Fixed multivolume bug in cab archive extraction module [!] Fixed IFilter memory allocation bug. The error may caused memory blocks not to be dealocated during AI attack. [!] Fixed yet another serious problem in Artificial Intelligence attack. It used to hung the program sometimes. [!] Fixed dictionary attack bug caused by improper progress save (it was impossible to continue the attack from the last saved position) [!] Fixed a minor problem in Combined dictionary attack [!] Fixed a bug in password mutation module. Affects the following attacks: Artificial Intelligence, Dictionary, Base-word. Version 1.3.1 [!] Fixed problem in password benchmarking. The benchmark showed incorrect speed sometimes [!] Fixed statistics bug, attack run time was displayed incorrectly [*] Reports have been rewritten from scratch, added some options for better customization and visualization. [*] Some minor improvements in import module [+] The program now popups a notification message (how many passwords were found, time elapsed, etc.) upon attack completion [+] Hardware monitor - displays CPU and memory load [+] Offline Password Remover plugin [+] Added new reports: preferred attack statistics, attack timings, attack speed efficiency analysis, attack overall efficiency analysis, PC CPU speed Version 1.2.0 [!] Several UI cosmetic fixes and workarounds [!] Some progress data were loaded incorrectly [!] Several minor improvements and fixes in program logic [!] Fixed combined dictionary attack bug. The attack sometimes ran past the end (if mutation was off). [*] Keyboard passwords module (in preliminary attack) has been reconstructed in order to perform more deep search. [*] All attacks except AI and preliminary were rivised [*] Mask attack has been rewritten, mask attack syntax was changed. [*] Minor changes in ZIP pack/unpack module [*] AI attack speed improvement [+] Added new mutation rules. Affects the following attacks: Artificial Intelligence, Dictionary, Base-word, Preliminary. [+] Added Safari decryption module to Artificial Intelligence attack [+] Added new hex passwords module to Preliminary attack [+] Added new password generation rule to the combined dictionary attack. Now you can use a charset as a word delimiter for generated passwords [+] Task pane now has a legend (short description of what all these hash icons mean). [+] New built-in protection against asterisks viewers. For example, if an external program (asterisks password revealer) would try to unhide asterisks in remote machine dialog, it would get nothing. [+] Added new Office 2010 interface skins [+] Asterisk password revealer addon [+] Caption bar tips and quotes [+] Added new mutation rules to pass-phrase attack Version 1.1.3 [!] Fixed error in hash search engine. The program was unable to find some passwords after list items had been sorted or deleted. [!] Fixed column sort bug [!] Fixed hash items removal bug. Checked items were not deleted properly sometimes. [!] Minor memory bug in ZIP decryption engine [+] Some optimizations to operate with extra large (>10000) lists of hashes [+] Some optimization were done for faster NTLM hashes recovery [+] Recovery engine was rewritten partially in order to be able to process tens or even hundreds of thousands hashes [+] Passcape Password Prediction engine was optimized to get rid of slow performance during recovery [+] A lot of changes to make program compatible with GPU recovery engine Version 1.0.1 [!] Log window has been reconstructed. Old one was too slow to hold several thousands entries. [!] Fixed minor bug in hash-check engine [!] Error in the list of hash. Some found items were not deselected properly (if the unselect option was set). [!] Fixed minor bug in the hash-search engine [!] The program didn't start properly on some old OSes. [+] Duplicate hash search algorithm has been renewed and improved significantly. Now it runs faster when a password is found. [+] Dictionary-to-hash generator tool [+] Some optimizations were done to hold big lists of hashes Version 1.0.0 [!] Output log window reconstruction to gain more speed Version 1.0.0 Final public realease Version 0.4.0 Beta4 [!] A number of minor bugs fixed [!] Bug in indexed rainbow table decryption was fixed [!] Corrected outgoing links to external resources [!] Dictionary generation improvements [!] All dictionaries by default are stored in DIC subfolder now [+] The program was split into 3 editions [+] Password reports with print and save features Version 0.3.0 Beta3 [!] Fixed numerous interface issues [!] Fixed update checker bug [!] Fixed start page broken links [!] Fixed error enumerating cached passwords (when importing from binary files) [!] NT hashes were not selected properly (even if the "select NT hashes after import" option was set) [!] WPR services were rebuilt to get ride of some Windows 7 incompatibility errors [!] Fixed several Windows x64 compatibility issues [!] Slightly improved the module for dumping remote hashes [!] A serious error was fixed in offline LSA secret decoder module. The bug caused a critical failure on Vista+ machines with SYSKEY option set to startup password. [!] SYSKEY startup password (if the option is set in the system) is asked only once now, eg. cached by the program. [+] Added multilangual support [+] Added Russian interface language [+] Help file [+] Demo notification dialog on exit [+] New hash import modules: import from backup files, import from system repair folder, import from Restore Points, and Volume Shadow Copies [+] Added new tool for backing up current system registry files and Active Directory database Version 0.2.0 Beta2 [!] Up to 20% speedup in dictionary attack (when mutation option is set on) [!] Fixed a problem importing hashes from Lastbit *.winpsw v7 project files [!] Import from SamInside *.hashes has been fixed and improved significantly. [!] Fixed a problem when the program was unable to overwrite old batch attack settings [!] Fixed a minor bug in Rainbow attack options. Overall table statistics was not updated after a table was deleted from the list. [!] More properly thread initialization helped to get rid of some unhandled errors [!] Fixed numerous errors in batch attack [!] Fixed combined dictionary attack initializztion error [!] Attack progress (for some attacks) did not work properly [!] More sophisticated and deep error handling in recovery engine [+] Added icons to log messages, simple system configuration, color markers [+] The user can now remove a batch attack (in batch open dialog) [+] Added extra description field to a batch attack settings [+] Added 2 batch attack samples to the product's distributive [+] Indexed rainbow tables (*.rti) support Version 0.1.0 Beta1 [+] First public release =====================================================================