Thursday, December 31, 2020

NRN Infrastructure and Development (NRN) Declares First Dividend After Being Public

 NRN Infrastructure and Development Limited (NRN) has declared a 3% dividend for the fiscal year 2076/77.

The meeting of the board of directors held on Poush 16 has decided to distribute 2.85% of the paid-up capital as bonus shares and 0.15% in cash dividend. While the bonus shares are worth 3,22,814 units, the cash dividend worth Rs. 16,99,021 is for tax purposes.

This is the company's first dividend after being public and enlistment in NEPSE. After a successful IPO issue, NRN had made its debut on the Nepalese trading floor on August 26.

NRN Infrastructure and Development Limited (NRN) has already published its first-quarter report of FY 2077/2078 with an increase in Net Profit by 64.11%. The net profit of the company increased to Rs. 34.94 Lakhs from Rs. 21.29 Lakhs in the corresponding quarter of the previous year.

The company’s paid-up capital stood at Rs. 1.13 Arba and has a reserve and surplus of Rs. 3.92 crores. The company has an investment in associates of Rs. 38.03 crores in Q1 of FY 2077/2078. NRN reported total revenue of Rs. 67.09 Lakhs and an operating profit of Rs. 57.92 Lakhs in this quarter. The company reported an annualized EPS of Rs. 1.23 and net worth per share of Rs. 103.47. The stock traded at a P/E multiple of 283.66 times.

SEBON Just Approved the Biggest IPO Issue Ever; 8 Crore Unit Shares to be Issued

 SEBON has approved the IPO issue proposal of Nepal Infrastructure Bank Limited.

Nepal Infrastructure Bank Limited had submitted an application in SEBON to issue IPO for 40% of its issued capital. This amounts to 8 crore shares in the IPO worth 8 Arba. The bank has already appointed CIT as the underwriter and NIBL Ace Capital as the issue manager.

Now that the issue is approved, this will be the biggest IPO in the history of Nepal's capital market. The second AGM of the company had endorsed/approved the issuance of IPO. After the IPO issuance, the company's paid-up capital will reach Rs. 20 Arba from the existing Rs. 12 Arba.

The company was established to serve and benefit from investment in significant infrastructure projects like Hydropower projects, road infrastructures, etc. However, Nepal Infrastructure Bank's profit declined by 12.43% to Rs 18.01 crore in the first quarter of the fiscal year 2077/78. Its annualized earning per share stands at Rs 6, and net worth per share stands at Rs 115.

Chandragiri Hills issuing IPO share to general public from Poush 24; Lucky 1.39 lakh applicants will get 10 unit shares

 Chandragiri Hills Limited will be issuing 15,34,091 units worth Rs 15.34 crore as Initial Public Offering to the general public from Poush 24, 2077. The early closing date of this issue is on Poush 28 and if the issue is not fully subscribed till Poush 28, then it can be extended up to Magh 09, 2077.

Out of the offered 15,34,091 units; 4% of the total offered shares to the general public i.e. 61,364 units have been set aside for the employees of the company and 5% of the total offered shares to the general public i.e. 76,705 units have been set aside for the mutual funds. The remaining 13,96,022 units are for the general public.

Thursday, March 29, 2018

Vacancies at Prime Bank Ltd.

Various positions are required in Prime Bank Ltd.


Prime Bank Ltd. is seeking application for various positions from suitably qualified, dynamic and result oriented Nepalese Citizens with strong interpersonal skills and pleasant personality.


Wednesday, February 22, 2017

Password Retrieving with John the Ripper

Introduction

John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.

Installing John

Although, at least on the distributions we tried, the package in named simply "john" with Gentoo making an exception and naming it "johntheripper", we will make it easy for you and show you how to install it on several known distributions.

Debian

Debian differs from other distributions that offer John in their repositories because it offers a nice manual page, although upstream doesn't have one. To install, simply type
 # aptitude install john 

Fedora

On Fedora, it's also as simple as doing
 # yum install john 

Arch Linux

 # pacman -S john 

OpenSuse Linux

# zypper install john

Gentoo

As we said, Gentoo's package is named differently from what others offer, so here you will have to run
 # emerge johntheripper

Slackware

Although there doesn't seem to be a john package in the official repositories, there is a slackbuild that gets John installed on your system (this was tested on Slackware 13.37).
Although we gave you just a few examples on how you can get John on your Linux system, many of the examples presented will run if you have other OS installed: besides source code, the project offers the program for BeOS, Microsoft Windows, Solaris or MacOS X. But for our article, as the title says, we tested the examples on Linux.

Using John the Ripper

You need not worry about cryptic configuration files, as John is ready to use with the appropriate command-line flags with no other effort on your part. One word of warning, though: as you already noticed, we tell our readers when they should use root privileges and when they shouldn't. Except when noted, you are strongly recommended to use your normal everyday user (or another, if you prefer, but it shouldn't have super user rights). On my Debian system, John is available as /usr/sbin/john, so if you don't find it we recommend you use whereis and type the whole path when running john unprivileged (or you can simply create an alias).
The simplest way to get your feet wet is to type
 $ /usr/sbin/john --test 
for doing some tests and benchmarks on John's capabilities. If you have no idea what Kerberos, MD5, DES or Blowfish are, we recommend you start reading some basic security books, because, like we said before, you need some security/administration background. Now, let's create a text file in password format (<user>:<hash>) with a valid hash, of course, and get John to work. You can simply copy a user from /etc/shadow, but we recommend something simpler, because we presume you want to see the results as fast as you can. So create a file named password.txt somewhere inside your /home and put this in it:
myuser:AZl.zWwxIh15Q
Save the file, then simply feed it to John with no arguments (for now):
 $ /usr/sbin/john password.txt 
We must repeat our warning: password cracking is a CPU-intensive and long process, so depending on your system, that might take quite a while. However, this also depends on what you want to achieve, because if your powerful CPU has been crunching at the password(s) for days with no outcome, it's only safe to say that it's a good password. But if the password is really critical, leave the system until John finishes its' work to make sure everything is alright. Like we said before, this could take many days.
Now, if you have a powerful box with the sole purpose of testing passwords, which is always a good thing given the means, you can try your real-life passwords with John. One way is to use /etc/shadow directly, but we recommend you take a somewhat different course. Note that this applies to systems using shadow passwords, and all the modern Linux distributions do. John offers a nifty utility called unshadow, which we will use to create a file from our passwd and shadow files:
 # unshadow /etc/passwd /etc/shadow > mypasswd.txt 
Now make sure that mypasswd.txt is available to your normal user and do
 $ /usr/sbin/john mypasswd.txt 
John will try single crack mode first, then wordlist mode, then incremental. In John's terms, a mode is a method it uses to crack passwords. As you know, there are many kinds of attacks: dictionary attacks, brute force attacks, and so on. Well, this is roughly what John's modes are. As some of you might have realized, wordlist mode is basically a dictionary attack. Besides these three modes enumerated above, John also supports another one called external mode. You can select what mode to use with, for example, --single, --external and so on. We recommend you check out the documentation over at openwall.com for a good but brief description of every mode. But of course we will tell you, in short, what every mode does.
John the Ripper's documentation recommends starting with single crack mode, mostly because it's faster and even faster if you use multiple password files at a time. Incremental mode is the most powerful mode available, as it will try various combinations when cracking, and you can choose what kind of mode (mode applied to the incremental option) to use, including your own. External mode, as the name implies, will use custom functions that you write yourself, while wordlist mode takes a word list specified as an argument to the option (it can be a file with a list of words written one per line, or stdin) and tries a simple dictionary attack on passwords.
If John is succesful in cracking one of the passwords, it will write to ~/.john/john.pot. However, that file isn't human-readable, so you can read cracked passwords with
 $ /usr/sbin/john --show mypasswd.txt
To check if the root password got cracked, filter by UID:
 $ /usr/sbin/john --show --users=0 mypasswd.txt
Of course, John knows about wildcards and multiple files:
 $ /usr/sbin/john --show --users=0 *passwd*
Just as you can filter by user, you can also filter by group, by using the --groups flag, and that filtering is available also when cracking. Going further to wordlist mode, here's how you can use it with the built-in mangling rules enabled:
 $ /usr/sbin/john --wordlist=passwd.lst --rules passwd.txt
John also allows you to create multiple named sessions, which is practical, because since John can take lots of time to complete a task, you can later view all sessions running to decide which one to kill. The option for named sessions is --session=taskname and you can use --status or --status=taskname to see all or certain sessions. But there's more: you can restore sessions or particular ones by name using --restore or --restore=taskname. A few examples:
 $ /usr/sbin/john --session=allrules --wordlist=all.lst --rules mypasswd.txt
 $ /usr/sbin/john --status=allrules
 $ ps aux | grep john #get the PID of the john session you want to kill
 $ kill HUP $PID_of_john_session_to_kill
 $ /usr/sbin/john --restore=allrules
Here's some examples of using incremental mode with John:
 $ /usr/sbin/john --incremental mypasswd.txt
 $ /usr/sbin/john --incremental=alpha mypasswd.txt
Of course, this isn't a replacement of John's documentation. Although, as we said, it doesn't offer a manual page, you will find lots of documentation on its' page, as well as a useful wiki. For example, you will notice that even if you're running John on a multiprocessor machine, it will use only one core, usually the first. You can address this problem by reading the documentation and following the instructions there.

Conclusion

We feel that it might be best we end this article with a little word on ethics. Although it very well might not be your case, there are those few who've seen Hackers too many times and think of cracking (as opposed to hacking) as a cool activity. We only suggest you try and use your knowledge for good, not for something that has 99.8% of failing and getting you a nice criminal record. Have fun. 

Featured Post

RAR password retrieving with cRARk

cRARk is a .rar archive password retriever, but unlike rarcrack, can be customised to a far greater extent to allow partial passwords, wo...