===================================================================== Windows Password Recovery * Versions History * ===================================================================== http://www.passcape.com info@passcape.com ===================================================================== [+] new feature, improvements [!] modification or bug fix Version 5.1.10 [+] New GPU benchmarks. [+] Added NTLM import from PasswordsPro project files. [+] GPU bruteforce attack (supports CUDA-based card only). [+] Password recovery speed benchmarks for GPU. [+] New sophisticated password lookup algorithm (in Preliminary attack) allows to decrypt keyboard-based passwords based on complex patterns. [+] Several enhencements and new recovery sub-modules of the Preliminary attack. [+] The program has 2 new global options now: 1 Check for updates when the program starts up 2 Duplicate log messages to wpr.log file [+] New ruleset file with more than 74000 Hybrid attack rules. [+] Added 23 brand-new reports for password-list analysis. [+] Support for big wordlists in combined dictionary attack. The old version of the program allowed only to use wordlists that can be fit completely into memory and ran out of memory for big wordlists. Now it can as well process dictionaries directly from disk during the attack. [+] Added 2 new VS2011 like application look themes. [+] Added 2 new Report visualization themes. [+] Added 2 additional options when loading hashes from binary files. Now you can turn on/off loading: - history hashes - machine accounts' hashes - plaintext passwords [!] Fixed incorrect chart drawing in some reports. [!] Error in file sorting module has been fixed. Some files were not sorted properly. [!] Vista homegroup password read bug eliminated. The program failed unexpectedly trying to read specific homegroup data. [!] Artificcial Intelligence attack bug. Opera browser passwords were parsed improperly. This caused to unhandled exception sometimes. [!] Fingerprint attack endless loop bug. The fingerprint attack went into infinite loot sometimes. [!] Sometimes attack progress was not saving properly. [!] Fixed problem in combined dictionary generator tool. Output words were generated improperly. [!] Fixed serious error in batch attack. Batch options were not saved properly sometimes which led to various implicit problems. [!] Password list was not updating sometimes when Batch attack was finished. [!] Hybrid dictionary attack error. Stop/Continue did not work properly for *.pcd files. [!] Some custom rules in "Wordlist tools->Additional operations" worked incorrectly and caused unexpected program's behaviour. [*] Over 20000 brand new rules were added to the english_words.ini ruleset file (ready-to-use in the Hybrid dictionary attack). [*] Phrase attack speed was increased slightly. [*] Combined dictionary attack has been rewritten. Now it runs a bit faster and eats less memory. [*] Minor cosmetic improvements. [*] Mask attack syntax was changed. [*] A number of visual enhencements. Version 4.0.6 [+] New password recovery method: Passcape rainbow table attack. [+] Passcape rainbow table generation tool. [+] New hybrid rules. [+] New mutation rules (affect all attacks). [+] New simple reports for saving cracked user names or passwords. [+] Mutation customization in Dictionary attack. Now you can setup each mutation option (clastered in 16 groups) separately. [+] New keyboard sequences in Preliminary analysis. [+] 6 new reports were added to account statistics: 1 Last 10 failed logon accounts 2 Last 10 changed passwords 3 Last 10 successful logons 4 Last 10 logoffs 5 Expired soon accounts 6 Regular vs never expired passwords [+] Support for packed wordlists. Now you can use RAR or ZIP archive as input dictionaries for attacks. There are some restrictions however: only ZIP and RAR archives are supported currently, ZIP archives should be compressed using deflate encoding only. [!] Some broken help links were repaired. [!] DPAPI search bug fixed. Sometimes the program went into endless loop when user clicked STOP button. [!] WPR stuck for big list of hashes in Rainbow table attacks due to non-optimal hash preparation. New algorithm implementation allows to get ride of the problem. [!] Fixed Windows 2000 compatibility bug. The program failed to start under Win2K systems. [!] Dictionary cache error. Some PCD wordlists were not cached properly. [!] Fixed a couple of minor problems in load/save Batch attack settings module. [!] Account statistics were not handled correctly if SYSKEY feature for SAM or NTDS.DIT file were set to "Startup Password". [!] Fixed minor problems in report view. [*] More efficient display of the progress in rainbow attacks. [*] Some changes in product licensing. [*] Better memory management for fingerprint attack. [*] Improvements in Active Directory reader engine. Some NTDS.DIT files (taken from Windows 2008 R2) were not parsed by the program. [*] Improvements in wordlist packer engine. [*] In reports you can set legend position to allow it to overlap the chart it belongs to. [*] Now you can additionally save data to text file in some reports. Version 3.3.1 [+] Online recovery attack. [+] Rainbow tables (*.rt) generator with multithreading support. [+] Reset statistics & reports button [+] New 'Password as numbers' mutation rule in preliminary attack [+] Wordlist convertion tool was expanded to be used in conjunction with custom filter based on hybrid attack rules. For example, to convert all words of a given dictionary to l33t, use the following simple filter 'sa@ss$sb8sl1so0se3si1st7'. [+] New rule added in the Hybrid Dictionary Attack: k Using the rule you can convert english words to non-english ones (based on installed languages in your system) and vice versa. [+] Added 3 new files with hybrid dictionary rules: nonenglish_words.ini - for non-english words mutation simple_dates.ini - date and month mutation l33t.ini - l33t mutation [!] Fixed memory allocation bug in Active Directory parser module [!] Fixed several problems in rainbow tables attack [!] Fixed unexpected failure bug caused by improper handling of some browse-edit controls. [!] Improper mutation engine problem was fixed. Some words were not mutated as expected. Affects all recovery attacks. [!] Security problems (licensing issue). [!] Hash selection bug was eliminated. Sometimes hashes were not selected properly after the password list was sorted. [*] Hardware monitor has been enhanced slightly. Now it displays CPU and memory usage for overall system, as well as current process information. [*] HtmlToText engine was rewritten from scratch. Affects the following items: AI attack, Online Attack, wordlist tools, HDD indexing tool, e-mail text extraction engine. [*] Several enhances in Fingerprint attack. Version 3.0.2 [!] Fixed CREDHIST dump bug. The program reported decryption error on some CREDHIST files. That's because the program can't say for sure whether the hash was properly decrypted or not. So the validation algorithm was changed slightly to eliminate the bug. [!] Hybrid.ini file for the Hybrid dictionary attack was absent somehow in the program's setup file. Version 3.0.1 [+] Hybrid dictionary attack [+] Chinese help file translation [+] SAM explorer [+] Active Directory explorer [+] A set of 6 tools for offline recovery of DPAPI blobs: - DPAPI offline decrypter - DPAPI data blob analyser - DPAPI data blobs finder - Master Key analyser - CREDHIST analyser - CREDHIST hashes dumper [+] New reports (account statistics) added: - Regular vs. disabled accounts - Regular vs. locked accounts - Accounts with/without password - User vs. machine accounts - Active vs. expired passwords - Administrators vs. limited users - Top 10 active users - Bad password logons [+] Now the program can dump CREDHIST history credentials when [*] Simplified fingerprint analysis has been impoved to handle more non-English passwords. importing hashes from local PC [!] Fixed Rainbow attack error. Rainbow options were not saved properly. [!] Fixed the error that may caused the program to fail when indexing Opera passwords from wand.dat file (Artificial Intelligence attack) Version 2.0.0 [+] Fingerprint attack [+] Simplified fingerprint analysis upon regular attack completion [+] LSA secrets dumper [+] Domain cached credentials explorer [+] Added 3 new mutation rules. Affects all attacks where password mutation is implemented. [+] AI attack can index Utf8-based text files now [+] The program is smart enough now to recover plaintext passwords using Windows Password Reset Disk [+] Added 9 new dictionaries (facebook names and social network's passwords) to the Passcape Online database: 1. facebook-firstlast.pcd, 30.7 Mb, 17 285 798 words 2. facebook-lastfirst.pcd, 15.1 Mb, 10 342 928 words 3. facebook-first.pcd, 7.4 Mb, 4 347 667 words 4. facebook-last.pcd, 9.4 Mb, 5 369 437 words 5. hotmail.pcd, 70 Kb, 8 101 words 6. international_curse.pcd, 20 Kb, 20 404 words 7. rockyou.pcd, 147.1 Mb, 14 344 385 words 8. russian_curse.pcd, 56 Kb, 4 504 words 9. vkontakte.pcd, 0.5 Mb, 44 436 words [+] Chinese translation for the user interface [+] Mutation engine was enforced by a set of 6 new mutation rules [*] The program has new disk-write engine now. It affects the following tools: project exporter, log saver, random hash generator, dictionary to hash generator, PCD files reader, fingerprint dictionary generator, mask dictionary generator, combined dictionary generator. Up to several times speedup in dictionary creation. [*] Online dictionaries list is loaded and processed faster now [*] The program warning now when the password cache is too big [*] Some improvements in Artificial Intelligence attack [*] WPR sevice has been changed to process LSA secrets and extract more plaintext passwords both from local system and from external registry files [*] Active Directory plaintext passwords are handled more accurately now. Active Directory plaintext passwords are used if either DOMAIN_PASSWORD_STORE_CLEARTEXT flag or msDS-PasswordReversibleEncryptionEnabled account property were set on. [*] More accurate SYSKEY handling [*] Password caching algorithm has been improved slightly. Project load and SamInside import work faster now. [*] Several enhancements in 'Import from binary registry' module. The program can extract more plaintext passwords now. [*] Password cache engine has been reconstructed [*] New Opera v11.10 wand.dat file format is supported both by AI attack and by dictionary generation utility now. Both can extract Opera search field history as well. [*] Some algorithms in password mutation engine have been improved [*] Progress save algorithm has been revised significantly. Now it is project-dependant. [*] Mask attack improvements. It runs much better on multi-core CPUs now. [!] Fixed error in Passcape Online dictionaries engine. WPR failed to download specific dictionaries sometimes from the online database. [!] Custom charsets in batch mask attack were saved/loaded to project file incorrectly [!] Time conversion bug. Time to string conversion routine worked incorrectly sometimes. [!] Fixed display problems painting pie slices in chart report control [!] SYSKEY read bug in password reset plug-in. The program crashed sometimes and was unable to read SYSKEY if it had been configured as a startup password or boot diskette. [!] Fixed some English grammatical errors [!] Improvement in PCD reader engine. Some corrupted *.pcd wordlists may caused program to fail. [!] Fixed problem with temporary directory creation [!] Fixed serious problem reading Utf8-based wordlists [!] Fixed 'Browse for folder' dialog bug. It hung sometimes when called (Windows 7 bug). [!] Fixed error in AI attack (wireless connection module). Some wireless passwords were not decoded properly. [!] Fixed some problems in Google Chrome decryption module of AI attack [!] Fixed multivolume bug in cab archive extraction module [!] Fixed IFilter memory allocation bug. The error may caused memory blocks not to be dealocated during AI attack. [!] Fixed yet another serious problem in Artificial Intelligence attack. It used to hung the program sometimes. [!] Fixed dictionary attack bug caused by improper progress save (it was impossible to continue the attack from the last saved position) [!] Fixed a minor problem in Combined dictionary attack [!] Fixed a bug in password mutation module. Affects the following attacks: Artificial Intelligence, Dictionary, Base-word. Version 1.3.1 [!] Fixed problem in password benchmarking. The benchmark showed incorrect speed sometimes [!] Fixed statistics bug, attack run time was displayed incorrectly [*] Reports have been rewritten from scratch, added some options for better customization and visualization. [*] Some minor improvements in import module [+] The program now popups a notification message (how many passwords were found, time elapsed, etc.) upon attack completion [+] Hardware monitor - displays CPU and memory load [+] Offline Password Remover plugin [+] Added new reports: preferred attack statistics, attack timings, attack speed efficiency analysis, attack overall efficiency analysis, PC CPU speed Version 1.2.0 [!] Several UI cosmetic fixes and workarounds [!] Some progress data were loaded incorrectly [!] Several minor improvements and fixes in program logic [!] Fixed combined dictionary attack bug. The attack sometimes ran past the end (if mutation was off). [*] Keyboard passwords module (in preliminary attack) has been reconstructed in order to perform more deep search. [*] All attacks except AI and preliminary were rivised [*] Mask attack has been rewritten, mask attack syntax was changed. [*] Minor changes in ZIP pack/unpack module [*] AI attack speed improvement [+] Added new mutation rules. Affects the following attacks: Artificial Intelligence, Dictionary, Base-word, Preliminary. [+] Added Safari decryption module to Artificial Intelligence attack [+] Added new hex passwords module to Preliminary attack [+] Added new password generation rule to the combined dictionary attack. Now you can use a charset as a word delimiter for generated passwords [+] Task pane now has a legend (short description of what all these hash icons mean). [+] New built-in protection against asterisks viewers. For example, if an external program (asterisks password revealer) would try to unhide asterisks in remote machine dialog, it would get nothing. [+] Added new Office 2010 interface skins [+] Asterisk password revealer addon [+] Caption bar tips and quotes [+] Added new mutation rules to pass-phrase attack Version 1.1.3 [!] Fixed error in hash search engine. The program was unable to find some passwords after list items had been sorted or deleted. [!] Fixed column sort bug [!] Fixed hash items removal bug. Checked items were not deleted properly sometimes. [!] Minor memory bug in ZIP decryption engine [+] Some optimizations to operate with extra large (>10000) lists of hashes [+] Some optimization were done for faster NTLM hashes recovery [+] Recovery engine was rewritten partially in order to be able to process tens or even hundreds of thousands hashes [+] Passcape Password Prediction engine was optimized to get rid of slow performance during recovery [+] A lot of changes to make program compatible with GPU recovery engine Version 1.0.1 [!] Log window has been reconstructed. Old one was too slow to hold several thousands entries. [!] Fixed minor bug in hash-check engine [!] Error in the list of hash. Some found items were not deselected properly (if the unselect option was set). [!] Fixed minor bug in the hash-search engine [!] The program didn't start properly on some old OSes. [+] Duplicate hash search algorithm has been renewed and improved significantly. Now it runs faster when a password is found. [+] Dictionary-to-hash generator tool [+] Some optimizations were done to hold big lists of hashes Version 1.0.0 [!] Output log window reconstruction to gain more speed Version 1.0.0 Final public realease Version 0.4.0 Beta4 [!] A number of minor bugs fixed [!] Bug in indexed rainbow table decryption was fixed [!] Corrected outgoing links to external resources [!] Dictionary generation improvements [!] All dictionaries by default are stored in DIC subfolder now [+] The program was split into 3 editions [+] Password reports with print and save features Version 0.3.0 Beta3 [!] Fixed numerous interface issues [!] Fixed update checker bug [!] Fixed start page broken links [!] Fixed error enumerating cached passwords (when importing from binary files) [!] NT hashes were not selected properly (even if the "select NT hashes after import" option was set) [!] WPR services were rebuilt to get ride of some Windows 7 incompatibility errors [!] Fixed several Windows x64 compatibility issues [!] Slightly improved the module for dumping remote hashes [!] A serious error was fixed in offline LSA secret decoder module. The bug caused a critical failure on Vista+ machines with SYSKEY option set to startup password. [!] SYSKEY startup password (if the option is set in the system) is asked only once now, eg. cached by the program. [+] Added multilangual support [+] Added Russian interface language [+] Help file [+] Demo notification dialog on exit [+] New hash import modules: import from backup files, import from system repair folder, import from Restore Points, and Volume Shadow Copies [+] Added new tool for backing up current system registry files and Active Directory database Version 0.2.0 Beta2 [!] Up to 20% speedup in dictionary attack (when mutation option is set on) [!] Fixed a problem importing hashes from Lastbit *.winpsw v7 project files [!] Import from SamInside *.hashes has been fixed and improved significantly. [!] Fixed a problem when the program was unable to overwrite old batch attack settings [!] Fixed a minor bug in Rainbow attack options. Overall table statistics was not updated after a table was deleted from the list. [!] More properly thread initialization helped to get rid of some unhandled errors [!] Fixed numerous errors in batch attack [!] Fixed combined dictionary attack initializztion error [!] Attack progress (for some attacks) did not work properly [!] More sophisticated and deep error handling in recovery engine [+] Added icons to log messages, simple system configuration, color markers [+] The user can now remove a batch attack (in batch open dialog) [+] Added extra description field to a batch attack settings [+] Added 2 batch attack samples to the product's distributive [+] Indexed rainbow tables (*.rti) support Version 0.1.0 Beta1 [+] First public release =====================================================================