GET YOUR VULNERABILITY AND THREAT DATABASE SUBSCRIPTION
EKOLABS 2016


Tools

Published on February 1st, 2014 | by NJ Ouchn

0

[New Tool] racfsnow Password cracker for RACF (IBM mainframe) v1.5 in the wild

RACFSNOW is a highly optimised PC program for performing a dictionary attack against a RACF database, with the option of using a database unload (IRRDBU00) to validate the User IDs to attack.

It uses an ini file to control various parameters to enable focusing the attack on certain user IDs and or passwords.

This program is very original since the community is lacking such free utilities to perform security assessment on IBM Mainframe (zOS and other subsystems). I hope the author could add more features to extend it to do more tests such as : checking for the system version, checking for the datasets, elevating privileges using ISPF, gathering information using RACF TSO commands. Pentesting RACF  systems is not an easier task since one’s has to fully understand the zOS architecture.

Check here full documentation >> http://www.racfsnow.co.uk/racfsnow.pdf

This tool has been submitted by Nigel Pentland

 

 

Tags: , , , ,


About the Author

“Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses”



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top ↑