 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| |
|
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9145
 People Online:
 Visitors: 573
 Members: 0
 Total: 573
|
|
|
|
|
|
PacketStorm News |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
IPB, Dictionary |
|
 Posted: Tue Jan 08, 2008 1:21 pm |
 |
|
| lmaoqwerty |
| Regular user |
 |
| |
| Joined: Jan 06, 2008 |
| Posts: 11 |
|
|
|
 |
|
 |
|
So the other day i was thinking...why do we go through all the trouble to make exploits that get us the MD5 Hash of a program?
Wouldn't it be much easier to make an exploit that brute forces the password of a specified username (not the Member ID) using a dictionary? It would be so much easier, no? |
|
|
|
|
|
Re: IPB, Dictionary |
|
| Posted: Tue Jan 08, 2008 1:55 pm |
|
|
| waraxe |
| Site admin |
 |
| |
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| lmaoqwerty wrote: | So the other day i was thinking...why do we go through all the trouble to make exploits that get us the MD5 Hash of a program?
Wouldn't it be much easier to make an exploit that brute forces the password of a specified username (not the Member ID) using a dictionary? It would be so much easier, no? |
There are two ways to bruteforce and wordlist attacking:
1. online attack
2. offline attack
Your idea involves first method. Of course, you can run bruteforce or wordlist attacks against REMOTE target, but it has drawbacks:
a) it's slow (like ~100 000 times or more slower) 
2) server logs will be filled with "noise"
3) anti-bruteforce measures can be in place
4) CAPTCA can be used against bots and scripts
If you manage to steal hash from remote database, then local (offline) cracking is available and you have now greatly better chances to crack password, compared to online method.
Even better - there are lot's of web applications with weak session management design, so that stealed hash can be "reused" without even knowing original plaintext password. |
|
|
|
|
|
|
IPB |
|
| Posted: Wed Jan 09, 2008 3:17 am |
|
|
| lmaoqwerty |
| Regular user |
|
| |
| Joined: Jan 06, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
yeh i have this guy's hash, and by editing the cookies i can get access to his account even without the password. But I still want to know his password. Because it could be the same as his msn password and what-not. So anyways, my question is this:
How can i do an online attack?
How do I crack an IPB 2.1.5 hash that is salted?
Thanks,
Later |
|
|
|
|
| Posted: Wed Jan 09, 2008 6:58 am |
|
|
| pexli |
| Valuable expert |
 |
| |
| Joined: May 24, 2007 |
| Posts: 665 |
| Location: Bulgaria |
|
|
|
|
|
|
| I see you get his hash and salt.Use PasswordsPro to crack it. |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
