 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| |
|
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9145
 People Online:
 Visitors: 791
 Members: 0
 Total: 791
|
|
|
|
|
|
PacketStorm News |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Decode passwords |
|
 Posted: Thu May 18, 2006 4:01 pm |
 |
|
| Yanni |
| Regular user |
 |
| |
| Joined: May 18, 2006 |
| Posts: 5 |
| Location: UK |
|
|
 |
|
 |
|
Hi everyone,
Absolutely new to this. Managed to get a copy of the database of a site which runs on phpBB 2.0.x
These guys were users on my forum and then started a new forum behind my back with just an "er" appended to the name, they then proceeded to email all my users (having coerssed one of the site admins to give them a copy of my database) and told them my site was closed and their site was the new home... as you can see I am not particulaly pleased and want to regain control.
I have a copy of their database - is it possible to find out what their passwords are because they are encrypted in the SQL dump that I have?
All help much appreciated. |
|
|
|
|
|
|
|
|
| Posted: Mon May 22, 2006 3:35 pm |
|
|
| Yanni |
| Regular user |
|
| |
| Joined: May 18, 2006 |
| Posts: 5 |
| Location: UK |
|
|
|
|
|
|
| Ok, so it would seem my initial question was one of those "stupid questions".... if anyone would pm me I could tell them about my site and the offending site - perhaps one of you guys would then do some deeper investigations for me. |
|
|
|
|
| Posted: Tue May 23, 2006 12:09 am |
|
|
| waraxe |
| Site admin |
 |
| |
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
So you have in your possession database dump. Well, then you can try to crack md5 hashes or try to use them directly. It all depends on many factors - like phpbb version, session handling specifics and so on.
My suggestion is to post here some md5 hashes and then let' see, are they crackabe or not  |
|
|
|
|
|
|
|
|
| Posted: Tue May 23, 2006 11:26 am |
|
|
| Yanni |
| Regular user |
|
| |
| Joined: May 18, 2006 |
| Posts: 5 |
| Location: UK |
|
|
|
|
|
|
Is this what you need -
1 00601c543883cae9fc9505bdc5418f83
1 00b18fed45cb846b2727bd4c40cc403b
1 00bfc8c729f5d4d529a412b12c58ddd2
1 00eda5525b6289b0ded9eb0bf318efef
1 0115ce57cd52ca66533eed97266db625
1 014714410ca2876672fdcf0c74527d60
1 014d23df80b533364d87dd72fe0f27ab
1 016b97dae13708187674d5d25cd8b1a8
1 01b3f378798d72bf73c8050d76707e0a
1 01cdc81c1e961f04b2feed3ff48ae242
1 01d0f19826c34796c0ea680079be789a
1 01d2795e19a0d04aa7277ea32a326f97
1 01ebb54ac1d0ad580d7adf2d04d17b3f
1 022b59c0938b4e8f6eaa3884c7daa536
1 023afa8ceb2925eba366bf91b118b4d0
1 02532bdc1420c1aab2c5c7699cdb4cb5
1 029f30558fe8440e6dd6bcc3cecb6aa0
2 02c75fb22c75b23dc963c7eb91a062cc
1 02d3c5b50a3d1c3183ee959198e36c26
1 0307102bd8187f40deb8d340a84761fd
1 036cc2ddcd70ce83473bf323b50a1be9
1 03bb9c34ee1d175f850bd0d72e194cb3
1 0446392b1d7ef4761f6e4deece46eacc
1 046f8ef9508c8f9a52810cd36a7397dc
Think it was from pbpBB2 version 2.0.19 i think... |
|
|
|
|
|
|
|
|
| Posted: Tue May 23, 2006 12:32 pm |
|
|
| waraxe |
| Site admin |
|
| |
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
Using http://www.csthis.com/md5/index.php
00bfc8c729f5d4d529a412b12c58ddd2 --> pokemon
0115ce57cd52ca66533eed97266db625 --> rosanna
01b3f378798d72bf73c8050d76707e0a --> dolphins
01cdc81c1e961f04b2feed3ff48ae242 --> edinburgh
And so on ... |
|
|
|
|
| Posted: Wed May 24, 2006 12:28 pm |
|
|
| Yanni |
| Regular user |
|
| |
| Joined: May 18, 2006 |
| Posts: 5 |
| Location: UK |
|
|
|
|
|
|
OK thanks - yes that works for some of the passwords, I take it that where it doesnt work is when a user has used a more secure password string - i.e. not a standard word... am i correct?
Unfortunately it doesnt work for the guys whos passwords I wanted - like the admin of the site - what can and should i try next to get access to their site or the admin passwords they have now? |
|
|
|
|
|
|
|
|
| Posted: Wed May 24, 2006 2:30 pm |
|
|
| waraxe |
| Site admin |
|
| |
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| Yanni wrote: | OK thanks - yes that works for some of the passwords, I take it that where it doesnt work is when a user has used a more secure password string - i.e. not a standard word... am i correct?
Unfortunately it doesnt work for the guys whos passwords I wanted - like the admin of the site - what can and should i try next to get access to their site or the admin passwords they have now? |
You can post here those uncrackable password hashes (for admins etc)
and then let's see - maybe someone can still crack them |
|
|
|
|
|
|
|
|
| Posted: Wed May 31, 2006 12:10 pm |
|
|
| Yanni |
| Regular user |
|
| |
| Joined: May 18, 2006 |
| Posts: 5 |
| Location: UK |
|
|
|
|
|
|
Hi, yes that would be excellent if anyone could help out - here below are some of the ones I am unable to crack. Waraxe, I will PM you the name of the site that they refer to...
USERNAME
Blackadder aab04fe52d7da57c67ecda82d319f03e
out4zero 8c14677e026e95a239e179e91c3ff3c7
BODiE b5e2e5c3b20320d62c154f328359e97a
myke edc73a1d211fbd30b9b22bc1dba8817f
1k memory 27a5148ea0fbddae22d902bea9a19531
p14wry 3198909bf44d329d85a6af7c6dcdbcfd
seAr e94929037e3d439f22e4c20172fca705
ljs 42f2951553ee2439025e8843f3bb6c13
FMC c9061adb3e5da9a0216ff2ae20ef4ea5
Jenga 4cd253075cf1475149d1d3724cb9b00f
Smeg 0f65ffde588c21cf64a07d93e1606c1b
tubbylad bd4bc1d09f398f1612688061d4382709
These are the usernames of the MODS and ADMINS on the site. |
|
|
|
|
|
|
|
|
| Posted: Wed May 31, 2006 9:44 pm |
|
|
| waraxe |
| Site admin |
|
| |
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| Yanni wrote: | Hi, yes that would be excellent if anyone could help out - here below are some of the ones I am unable to crack. Waraxe, I will PM you the name of the site that they refer to...
USERNAME
Blackadder aab04fe52d7da57c67ecda82d319f03e
out4zero 8c14677e026e95a239e179e91c3ff3c7
BODiE b5e2e5c3b20320d62c154f328359e97a
myke edc73a1d211fbd30b9b22bc1dba8817f
1k memory 27a5148ea0fbddae22d902bea9a19531
p14wry 3198909bf44d329d85a6af7c6dcdbcfd
seAr e94929037e3d439f22e4c20172fca705
ljs 42f2951553ee2439025e8843f3bb6c13
FMC c9061adb3e5da9a0216ff2ae20ef4ea5
Jenga 4cd253075cf1475149d1d3724cb9b00f
Smeg 0f65ffde588c21cf64a07d93e1606c1b
tubbylad bd4bc1d09f398f1612688061d4382709
These are the usernames of the MODS and ADMINS on the site. |
I was using Cain, some huge wordlists, some bruteforce cracking,
and as result - half of the hashes were cracked:
| Code: |
Plaintext of 27a5148ea0fbddae22d902bea9a19531 is jupiter
Plaintext of 4cd253075cf1475149d1d3724cb9b00f is elaine1
Plaintext of b5e2e5c3b20320d62c154f328359e97a is firetrap1
Plaintext of c9061adb3e5da9a0216ff2ae20ef4ea5 is funboy3
Plaintext of 0f65ffde588c21cf64a07d93e1606c1b is udauff
Plaintext of 8c14677e026e95a239e179e91c3ff3c7 is telephone40
|
See ya |
|
|
|
|
|
|
|
|
| Posted: Sun Jun 04, 2006 3:32 pm |
|
|
| berlo1 |
| Beginner |
|
| |
| Joined: Jun 04, 2006 |
| Posts: 1 |
|
|
|
|
|
|
|
Sorry to butt in, but I've got a MD5 that I've not been able to crack.
It may not even be in english.
Can you please help me with it?
Here it is:
| Code: | | 0f49893a357031b4bbd689c8f10f160f |
|
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
