Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
December 20, 2014
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: Prospero22
New Today: 0
New Yesterday: 0
Overall: 8961

People Online:
Visitors: 152
Members: 0
Total: 152
milw0rm
·#1337day Soitec SmartEnergy 1.4 SCADA Login SQL Injection Authentication Bypass Exploit [#0day #Exploit]
·#1337day JourneyMap 5.0.0RC2 Ultimate Edition - DoS [dos #exploits #0day #Exploit]
·#1337day ManageEngine Desktop Central MSP Remote Code Execution Vulnerability [remote #exploits #Vulnerability #0day #Exploit]
·#1337day Tuleap PHP Unserialize Code Execution Exploit CVE-2014-8791 [webapps #exploits #0day #Exploit]
·#1337day phpTrafficA 2.3 SQL Injection Vulnerability CVE-2014-8340 [webapps #exploits #Vulnerability #0day #Exploit]
·#1337day Apache CloudStack 4.3 / 4.4 Unauthenticated LDAP Binds Vulnerability [remote #exploits #Vulnerability #0day #Exploit]
·#1337day PBBoard CMS - Stored XSS Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]
·#1337day OpenEMR 4.1.2(7) - Multiple SQL Injection Vulnerabilities [webapps #exploits #Vulnerabilities #0day #Exploit]
·#1337day Humhub 0.10.0-rc.1 - XSS / SQL Injection vulnerabilities [webapps #exploits #0day #Exploit]
·#1337day VFU 4.10-1.1 - Buffer Overflow Exploit [remote #exploits #0day #Exploit]

read more...
PacketStorm News
·RSA Authentication Manager 8.0 / 8.1 Unvalidated Redirect
·RSA Archer GRC Platform 5.x Cross Site Scripting
·EMC Isilon InsightIQ Cross Site Scripting
·Docker Privilege Escalation / Path Traversal / Spoofing
·HP Security Bulletin HPSBUX03162 SSRT101767 3
·Debian Security Advisory 3099-1
·Advertisement: SolarWinds Log & Event Manager
·Red Hat Security Advisory 2014-1985-01
·Red Hat Security Advisory 2014-1984-01
·Gentoo Linux Security Advisory 201412-11

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Hash related information -> How to crack Vbulletin passes
Post new topic  Reply to topic View previous topic :: View next topic 
How to crack Vbulletin passes
PostPosted: Sun Jul 09, 2006 11:40 am Reply with quote
superninja
Active user
Active user
 
Joined: Jul 03, 2006
Posts: 38




in database /user\ there is column with the passes but i can't crack it with md5 reversing.And the hash of my password is different in phpbb?Ideas oh and someone know how can i import 50 MB Database because phpmyadmin allowes only 16kb?
View user's profile Send private message
md5 salted
PostPosted: Sun Jul 09, 2006 4:04 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




This is the simpliest explanation for vbulletin hashes
Lets say having password="test" and salt="h^1"

md5(md5(test)+h^1)
md5(098f6bcd4621d373cade4e832627b4f6+h^1)
md5(098f6bcd4621d373cade4e832627b4f6h^1)
final hash would be
8743363d7e7b25f28292d3e501e21029

The only way cracking these as far as i know is using passwordspro
View user's profile Send private message
Re: How to crack Vbulletin passes
PostPosted: Sun Jul 09, 2006 7:35 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




superninja wrote:
Ideas oh and someone know how can i import 50 MB Database because phpmyadmin allowes only 16kb?


For big databases I have been using this script:

http://www.ozerov.de/bigdump

Code:

// BigDump ver. 0.21b from 2005-02-08
// Staggered import of an large MySQL Dump (like phpMyAdmin 2.x Dump)
// Even through the webservers with hard runtime limit and those in safe mode
// Works fine with Internet Explorer 6.0 SP1, Mozilla 1.x and even Netscape 4.8

// Author:       Alexey Ozerov (alexey at ozerov dot de)
// Copyright:    GPL (C) 2003-2005
// More Infos:   http://www.ozerov.de/bigdump


It works perfectly, even with safe_mode and restricted execution time limit Very Happy
View user's profile Send private message Send e-mail Visit poster's website
Re: md5 salted
PostPosted: Mon Jul 10, 2006 8:09 am Reply with quote
ALuserX
Regular user
Regular user
 
Joined: Jul 09, 2006
Posts: 5




oxygenne wrote:
This is the simpliest explanation for vbulletin hashes
Lets say having password="test" and salt="h^1"

md5(md5(test)+h^1)
md5(098f6bcd4621d373cade4e832627b4f6+h^1)
md5(098f6bcd4621d373cade4e832627b4f6h^1)
final hash would be
8743363d7e7b25f28292d3e501e21029

The only way cracking these as far as i know is using passwordspro


could you please tell me how to crack these using pswpro or at least help me to crack these

dbdd0a0c4fd0cd9f75dd8b3427c6cbfe
and
fd7550731c14dded64dc0a24b7f68910

please Rolling Eyes
View user's profile Send private message
:)
PostPosted: Mon Jul 10, 2006 9:50 am Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Besides hashes you need salt and cracking method which will be md5(md5($password).$salt) .Then choose between diferent types of attack dictionary,bruteforce,rainbow tables...Right click add hashes,add salts Very Happy
View user's profile Send private message
PostPosted: Mon Jul 10, 2006 12:31 pm Reply with quote
superninja
Active user
Active user
 
Joined: Jul 03, 2006
Posts: 38




damn it i have the datsbase user but there are different hashes just tell me how to crack it Smile
View user's profile Send private message
PostPosted: Mon Jul 10, 2006 12:47 pm Reply with quote
superninja
Active user
Active user
 
Joined: Jul 03, 2006
Posts: 38




and where can i found the salt speak more clear if you want to help not just to make some posts
View user's profile Send private message
:)
PostPosted: Mon Jul 10, 2006 5:28 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Ok here is a hint /forum/install/upgrade_300b3.php?step=backup you can dump hashes and salts from user table.Working mostly on nulled vbulletin boards
View user's profile Send private message
PostPosted: Mon Jul 10, 2006 8:42 pm Reply with quote
superninja
Active user
Active user
 
Joined: Jul 03, 2006
Posts: 38




ok can you tell me the pass for


Hash : 4804a7f36fd8261daab27ef64cdcd91a
salt : tvH

Smile

i don't know what md5(md5(test)+h^1) is and what must i do with it but i'm sure i saw md5(md5($md5)$salt)[PHP] in passwords pro and the time for cracking was 2 days Shocked
View user's profile Send private message
PostPosted: Sat Jul 15, 2006 11:17 am Reply with quote
Vixje
Active user
Active user
 
Joined: Mar 25, 2006
Posts: 35




superninja wrote:
ok can you tell me the pass for


Hash : 4804a7f36fd8261daab27ef64cdcd91a
salt : tvH

Smile

i don't know what md5(md5(test)+h^1) is and what must i do with it but i'm sure i saw md5(md5($md5)$salt)[PHP] in passwords pro and the time for cracking was 2 days Shocked


thats the thing with salted pw's, could take days, weeks, months.. years? Smile
View user's profile Send private message
PostPosted: Wed Dec 06, 2006 1:09 am Reply with quote
J_CSW
Regular user
Regular user
 
Joined: Nov 29, 2006
Posts: 9




superninja wrote:
ok can you tell me the pass for


Hash : 4804a7f36fd8261daab27ef64cdcd91a
salt : tvH

Smile

i don't know what md5(md5(test)+h^1) is and what must i do with it but i'm sure i saw md5(md5($md5)$salt)[PHP] in passwords pro and the time for cracking was 2 days Shocked


how do you know what the salt is ? my raw data shows


INSERT INTO user VALUES('28','3','','0','username','74e13d4228ed5ecc542c3db110923b84','2006-10-20','username@email.com','0','','','','','','','','1','0',title','0','1161383649','0','1161383896','1161789938','0','0','10','5','0','1','0','0','0','7383','','0000-00-00','-1','-1','172.142.137.112','0','1','0','0','2','0','0',':#V','0','0','')

is 7383 the hash or :#V ???
View user's profile Send private message Visit poster's website MSN Messenger
PostPosted: Wed Dec 06, 2006 12:55 pm Reply with quote
Chb
Valuable expert
Valuable expert
 
Joined: Jul 23, 2005
Posts: 206
Location: Germany




Actually I don't know (I haven't got a table structure here), but I'd say your salt is ':#V'. Looks in my opinion a bit more like a typical salt than a number.

_________________
www.der-chb.de
View user's profile Send private message Visit poster's website ICQ Number
PostPosted: Fri May 16, 2008 10:51 pm Reply with quote
Terrivel
Beginner
Beginner
 
Joined: Jan 05, 2008
Posts: 3




Please
Hash: 68b9fffbf6ea664988af37a175be3f69
Salt: UG8
Vbulletin
View user's profile Send private message
How to crack Vbulletin passes
  www.waraxe.us Forum Index -> Hash related information
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB 2001-2008 phpBB Group






It book reviews
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2013 Janek Vind "waraxe"
Page Generation: 0.112 Seconds