                   README for Pandora v4.0 December 2, 1999

Contents of this file:

*Short Abstract
*Rant
*What's New in Beta 2
*Differences between Windows and Linux versions
*Linux Installation
*Win95/98/NT Installation
*Speed Considerations
*Next Version
*Copyright Notice


                              Short Abstract

Pandora is the name given to a set of programs and utilities for extracting
and cracking passwords from Novell Netware. It can be used for password
recovery and testing of the strength of passwords. In the hands of
administrators, it can be very helpful. In the hands of hackers, it can be
very dangerous.

More details concerning the operation of the software and NDS in general
can be found in the text files INSIDE.TXT and CRYPT.TXT.

With Pandora v4.0, NMRC ushers in a new exciting and at the same time dark
foreboding experience -- the Windows-based GUI. Writing the program has
proven to be fun and ugly. We really hate Microsoft, and so we really 
didn't like providing a program to the masses that made the Microsoft 
platform interesting or useful. Therefore we made some design 
considerations that do not follow the "Microsoft" way of application 
development. We think you'll understand why. Read on.


                                   Rant

Pandora was developed using freeware compilers and libraries, and uses no
large corporation APIs into Microsoft or Novell products. We used Linux
Red Hat with an IPX-aware kernel, Windows NT, and Windows 95 in the
development of the software, and tested it against Netware versions 4.x
and 5.x with the latest patches as of June 21, 1999. Netware client 
software was also the latest version for the Windows clients, and we used
the latest Red Hat offerings as well as the latest ncpfs software for
the Linux side.

A conscious effort was made to make the code 99.9% portable between Windows
95/98/NT and Linux running X. We feel we have accomplished this for the
most part, although users may complain about it not looking exactly like
some other 95/98/NT program as a result. We used the GNU compiler on Linux,
and the excellent port of the GNU compiler by D. J. Delorie for the
Windows environment. We also used the RSXNT libraries on the Windows side
to ensure nice and neat integration into Windows networking, etc., and to
keep the program looking the same between Windows and Linux we used the
MGui graphics library. All of these coding tools are either free, or free
if the end program itself is free. This fit nicely into our anti-big-
corporate-coding-tools model.

To further this, we specifically did NOT use the Novell Netware SDK for
Pandora development, as their licensing places undue restrictions on
developed code. All of the network-based exploits were done by sniffing
normal traffic and then duplicating the basic behavior of the packets to
achieve the desired results. All of the crypto elements used for cracking
passwords are from public sources. For example, the original algorithm
used to create the one-way hash for Netware passwords was published years
ago in Dr. Dobb's Journal. The Netherlands hacker itsme took that published
algorithm and made a number of useful tools from it, and Pandora is based
off of the source code of some of those tools. We've enhanced the algorithm
specifically for password cracking, but the functionality is essentially
the same. We also added The Ruiner's remote console password cracking
code in Pandora, as we encouraged him (and gave him all of our notes we
had on the algorithm, which wasn't much) and he produced a very useful
algorithm.

We could have used a large IDE such as those offered by Microsoft, Borland,
or some other code vendor, and quite possibly achieved a faster GUI, but
considering we are hackers we found the path we chose to be more satisfying
and spiritually in line with our philosophy. If we can achieve all we need
in the Linux environment, there is a distinct possibility we will stop
development on the Microsoft platform altogether and focus on Linux as the
official platform for Pandora. We encourage other hackers to do the same.


                            What's New in Beta 2

The GUI interface has some important new features:

   * Offline and Online components. Offline for cracking passwords offline,
     and Online for direct server attacks.
   * Improved GUI. We reported a number of bugs to Vincenzo Morello and he
     improved the MGUI library heavily.

   Offline includes:
   * Password cracking of Netware 4.x and 5.x passwords.
   * Reads native NDS files -- as well as maintenance files such as 
     BACKUP.DS and DSREPAIR.DIB -- and extracts password hashes for
     cracking.
   * Reads Netware 4.x and 5.x versions of NDS, BACKUP.DS, and 
     DSREPAIR.DIB.
   * Multiple accounts can be brute forced and dictionary cracked
     simultaneously.
   * Preset and user-definable keyspace for brute forcing.
   * On screen sorting of account listings for easy viewing.
   * Built-in NDS browser to look at all NDS objects.
   * Remote Console Decryption using The Ruiner's decryption algorithm.

   Online includes:
   * Improved NDIS packet driver for better stability.
   * Attach to servers using only the password hash (if you do not wish to
     crack them).
   * Dictionary attacks against NDS objects that detect if Intruder
     Detection was triggered.
   * GameOver spoofing attack against servers not using Level 3 packet
     signature.
   * Improved Level3-1 attack which no longer requires using a sniffer to
     find elusive data for Admin session hijacking, just add in the Admin's
     MAC address and we do the rest.
   * Sniff and snarf file grab. Sniff the wire for your target, and get a
     copy of files s/he's pulling down from the server. Works in Packet Burst
     mode.
   * Several Denial of Service attacks.


                Differences between Windows and Linux versions

The main difference between the Windows and Linux versions of Pandora is
that the client attack software included in the Online program is only fully
functional in the Windows version. All of the Offline code works the same on
both platforms.


                             Linux Installation

   * tar zxvf pandora_linux_v4.0_b2.1.tgz
   * This will dump out all of the source, libraries, and binaries for
     Pandora into a subdirectory called pandora-linux.
   * YOU DON'T NEED TO COMPILE! Since this is for Linux, we've built it
     for you. We've included everything we used however - MGUI, libpcap,
     libnet, ncpfs, and our own source, for your modification and
     compiling pleasure.
   * Add icons into your X Window manager for Offline and Online, located
     in the ./pandora-linux/offline/ and ./pandora-linux/online
     subdirectories respectively.
   * Online will require root access for several of its features to function
     properly, especially the spoof and sniff features.


                          Win95/98/NT Installation

   * Install and configure the appropriate packet driver for your system
     from pan_drivers_b2.zip. To install the drivers, right-click on
     Network Neighborhood, go to Properties, then Protocols, and then
     Add. Navigate to the appropriate driver directory from the zip file
     and add it.
   * Unzip the appropriate zip file (pan_offline_pentium_b2.zip for the
     Offline Windows 95/98/NT, pan_online_95_b2.zip for Online Windows
     95/98, pan_online_NT_b2.zip for Online Windows NT) in a temp
     directory.
   * Run the setup.exe program.
   * Follow the on-screen prompts.

                              Copyright Notice

                  Pandora v4.0 - Netware Attack/Audit Software
            Primary Programmer - Jitsu-Disk [jitsu@nmrc.org]
             Additional Coding - Simple Nomad [thegnome@nmrc.org]
         Testing/GUI Influence - Hole [imnsho@nmrc.org]
          Original Crypto Code - itsme [itsme@xs4all.nl]
     More Original Crypto Code - The Ruiner

    Idea Influence / Bug Fixes - Greg Miller, Al Grant, Rx2,
                                 Thomas Lackner, g00ber.

            GNU C DOS Compiler - DJ Delorie [www.delorie.com]
                  MGUI GUI lib - Vincenzo Morello [volftp.tin.it/italiani/MORELLO/index_e.htm]
                   RSX Win32 C - Rainer Schnitker [www.mathematik.uni-bielefeld.de/~rainer/]
            NDIS Packet Driver - Loris Degioanni [netgroup-serv.polito.it/windump/]
                        Libnet - Mike Schiffman [www.packetfactory.net]

       Copyright (C) 1997, 1998, 1999 Nomad Mobile Research Centre

This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or any later version.

This program is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
more details.

You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc., 59
Temple Place - Suite 330, Boston, MA 02111-1307, USA.
