-[README for Pandora v2.0 February 28, 1998]-
  -----------------------------------------

This is the README for Pandora v2.0. It is chock full of exciting 
info absolutely guaranteed to enhance your life. Comments and bugs
to <pandora@nmrc.org>, flames to <root@127.0.0.1>.

Contents of this file:

 - Short Abstract
 - From the Team
 - Manifest
 - Unix Installation
 - DOS Installation
 - Speed Considerations
 - Copyright Notice

-[Short Abstract]-
  --------------
Pandora is the name given a set of programs and utilities for 
extracting and cracking passwords from Novell Netware 4.x. It can
be used for password recovery and testing of the strength of
passwords. In the hands of administrators, it can be very helpful.
In the hands of hackers, it can be very dangerous.

More details concerning the operation of the software and NDS in
general can be found in the text files INSIDE.TXT and CRYPT.TXT.

-[From the Team]-
  -------------
Usage of Pandora is fairly straight forward. Most utilities make
use of a "-h" switch for help. All utilities make use of a "-v"
switch that puts the utility in "verbose" mode. However, most of
the time verbose mode substantially slows down operation of the
program.

Why is there no GUI for Pandora? Actually it has been considered,
but bear in mind that Pandora would be even slower running under
some GUI app (X WIndows or MS Windows). If there is enough 
interest we may do something, although don't hold your breath.

Future plans for Pandora that we are considering include an
adaptation of Greg Miller's man-in-the-middle attack code, 
porting of intrude.exe and supe.exe to Linux for attacking via 
Linux' IPX support, and a free solution to the $200.00 highway 
robbery Novell charges for replacing a deleted Admin. We will
also adapt over a large number of Thomas Lackner's ideas for
Pandora, including some sane error handling (sorry Thomas, but
next version we promise!!).

If you wish to help NMRC and/or the development of Pandora, then
consider Pandora to be hard/software instead of freeware. That
is, if you find Pandora useful, contact Jitsu-Disk in Europe
or Simple Nomad in the USA and donate hardware ;-)

We've had a lot of fun on version 2, and promise more fun in
the future. Thanks for all of your support.

Simple Nomad and Jitsu-Disk

-[Manifest]-
  --------
Files included in Pandora v2.0:

 pandora-2.0-tar.gz (for Unix, although will compile under DOS)
  CHANGE.LOG                    changes made to v2.0
  CRYPT.TXT                     Jitsu-Disk's crypto.c analysis
  LICENSE                       GNU License
  Makefile                      Makefile
  INSIDE.TXT                    Simple Nomad's NDS analysis
  README                        This file
  convert.c                     convert source code
  crypto.c                      crypto source code
  crypto.h                      crypto header file
  crypto2.c                     crypto2 source code
  extract.c                     extract source code
  globals.h                     Pandora global variables
  intrude.c                     intrude source code (for DOS only)
  manipul8.c                    manipul8 source code
  nds_stuf.h                    NDS structure header file
  password.h                    Pandora password header file
  supe.c                        supe source code (for DOS only)

 pandora2.zip (for DOS)
  CHANGE.LOG                    changes made to v2.0
  CRYPT.TXT                     Jitsu-Disk's crypto.c analysis
  LICENSE                       GNU License
  INSIDE.TXT                    Simple Nomad's NDS analysis
  README                        This file
  convert.exe
  crypto.exe
  crypto2.exe
  extract.exe
  intrude.exe
  manipul8.exe
  supe.exe

-[Unix Installation]-
  -----------------
1. gunzip pandora-2.0-tar.gz
2. tar xvf pandora-2.0-tar
3. cd pan
4. Edit the Makefile as needed for your environment.
5. make install ( to build and install it, or make pandora to build only )

-[DOS Installation]-
  ----------------
1. Change to (or make a new) fave directory.
2. Type "pkunzip pandora2.zip" minus the quotes, assuming you have
   pkunzip.

-[Speed Considerations]-
  --------------------
Massive improvements have been made to the crypto routines by
Jitsu-Disk. Details are in his paper CRYPT.TXT.

Here are the speeds involved in brute force in the crypto
program:

         /------------------------------------------\
         |   platform    |    OS     |crypts per min|\
         |---------------|-----------|--------------||
         |Intel 486/33Mhz|    DOS    |    330,000   ||
         |Pentium 100Mhz |    DOS    |  9,150,000   ||
         |PowerPC 200Mhz |    AIX    | 12,500,000   ||
         |AIX H10 233Mhz |    AIX    | 22,300,000   ||
         \------------------------------------------\|
          \------------------------------------------

To put these speeds into perspective, the following chart
assumes having to search the entire key space for a password.
These speeds can be improved by using manipul8 to "spread the
key space" across several different boxes. 

/-----------------------------------------------------------\
|   platform    | pswd len | chars used | est time to crack |\
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     5    |    A-Z     |   15.6 hours      ||
|Pentium 100Mhz |     5    |    A-Z     |   33.7 minutes    ||
|PowerPC 200Mhz |     5    |    A-Z     |   24.7 minutes    ||
|AIX H10 233Mhz |     5    |    A-Z     |   32.0 seconds    ||
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     5    |  A-Z,0-9   |   109+ hours      ||
|Pentium 100Mhz |     5    |  A-Z,0-9   |   237+ minutes    ||
|PowerPC 200Mhz |     5    |  A-Z,0-9   |   174+ minutes    ||
|AIX H10 233Mhz |     5    |  A-Z,0-9   |   2.7  minutes    ||
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     5    |   all 65   |   158+ days       ||
|Pentium 100Mhz |     5    |   all 65   |   137+ hours      ||
|PowerPC 200Mhz |     5    |   all 65   |   100+ hours      ||
|AIX H10 233Mhz |     5    |   all 65   |   52.0 minutes    ||
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     6    |    A-Z     |   15.6 hours      ||
|Pentium 100Mhz |     6    |    A-Z     |   33.7 minutes    ||
|PowerPC 200Mhz |     6    |    A-Z     |   24.7 minutes    ||
|AIX H10 233Mhz |     6    |    A-Z     |   13.8 minutes    ||
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     6    |  A-Z,0-9   |   109+ hours      ||
|Pentium 100Mhz |     6    |  A-Z,0-9   |   237+ minutes    ||
|PowerPC 200Mhz |     6    |  A-Z,0-9   |   174+ minutes    ||
|AIX H10 233Mhz |     6    |  A-Z,0-9   |   97.6 minutes    ||
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     6    |   all 65   |   158+ days       ||
|Pentium 100Mhz |     6    |   all 65   |   137+ hours      ||
|PowerPC 200Mhz |     6    |   all 65   |   100+ hours      ||
|AIX H10 233Mhz |     6    |   all 65   |    56+ hours      ||
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     7    |    A-Z     |   17.0 days       ||
|Pentium 100Mhz |     7    |    A-Z     |   14.6 hours      ||
|PowerPC 200Mhz |     7    |    A-Z     |   10.7 hours      ||
|AIX H10 233Mhz |     7    |    A-Z     |    6.0 hours      ||
|---------------|----------|------------|-------------------||
|Intel 486/33Mhz|     7    |  A-Z,0-9   |   164+ days       ||
|Pentium 100Mhz |     7    |  A-Z,0-9   |   142+ hours      ||
|PowerPC 200Mhz |     7    |  A-Z,0-9   |   104+ hours      ||
|AIX H10 233Mhz |     7    |  A-Z,0-9   |    58+ hours      ||
|---------------|----------|------------|-------------------||
|Pentium 100Mhz |     7    |   all 65   |   372+ days       ||
|PowerPC 200Mhz |     7    |   all 65   |   272+ days       ||
|AIX H10 233Mhz |     7    |   all 65   |   152+ days       ||
|---------------|----------|------------|-------------------||
|AIX H10 233Mhz |     8    |    A-Z     |   156+ hours      ||
|AIX H10 233Mhz |     8    |  A-Z,0-9   |    87+ days       ||
\-----------------------------------------------------------\|
 \-----------------------------------------------------------

-[Copyright Notice]-
  ----------------
               Pandora v2.0 - Netware 4.x Attack Software
            Main Programmer - Simple Nomad <thegnome@nmrc.org>
       Original Crypto Code - itsme <itsme@xs4all.nl>
Speed of Light Enhancements - Jitsu-Disk <golgo13@pratique.fr>
            Idea Influence  - Greg Miller, Al Grant, Rx2, 
                              Thomas Lackner

Copyright (C) 1997, 1998 Nomad Mobile Research Centre

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307,
USA.


