Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
December 14, 2019
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 226
Members: 1
Total: 227

Online Now:
01: kolaz - Homepage
PacketStorm News
Currently there is a problem with headlines from this site
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Hash related information -> What kind of hash? :O
Post new topic  Reply to topic View previous topic :: View next topic 
What kind of hash? :O
PostPosted: Mon Dec 29, 2008 1:25 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
 
Joined: Oct 22, 2008
Posts: 52




j9%3C%A5%0B%60w%B6%14%BF
g%11%0F%5E%0C%2Av
b%0A%0C%AF%F3%12%A5
mI%C2k%0E%D9
s%A5%84%B5%17a+1%7F

I have no idea what so ever...please help?
View user's profile Send private message
Re: What kind of hash? :O
PostPosted: Mon Dec 29, 2008 3:44 am Reply with quote
tehhunter
Valuable expert
Valuable expert
 
Joined: Nov 19, 2008
Posts: 261




10_Sec_Hero wrote:
j9%3C%A5%0B%60w%B6%14%BF
g%11%0F%5E%0C%2Av
b%0A%0C%AF%F3%12%A5
mI%C2k%0E%D9
s%A5%84%B5%17a+1%7F

I have no idea what so ever...please help?
Looks like it is hex encoded, so I ran it through waraxe's url decoder on this site. I got the following:

Code:
j9< `w
g^ *v
b

mIk
sa 1
See if that works at all.
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 4:18 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
 
Joined: Oct 22, 2008
Posts: 52




i really doubt thats gonna work, they have to be plaintext.
thx for trying Smile
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 4:48 am Reply with quote
k40t1x
Regular user
Regular user
 
Joined: Dec 27, 2008
Posts: 22




10_SEC how did you get them? I dont think that you can use them at all :S
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 5:06 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
 
Joined: Oct 22, 2008
Posts: 52




ok..i got them through sql injection from a website. i got the email address which is not encrypted and then i got these which are the passwords.
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 1:18 pm Reply with quote
Henderson
Valuable expert
Valuable expert
 
Joined: Jul 11, 2008
Posts: 58




The strings are urlencoded, but it doesn't change the fact that they're encrypted (XOR maybe?). Send me PM with URL if you want Smile
View user's profile Send private message
PostPosted: Tue Dec 30, 2008 11:18 am Reply with quote
Henderson
Valuable expert
Valuable expert
 
Joined: Jul 11, 2008
Posts: 58




The first letter of encrypted string is the first letter of user's e-mail address. Rest is a password XOR-ed with a key which is calculated basing on mentioned first letter. I don't know how the key is generated (probably it's some big number) but you could register an account with the same beginning letter of e-mail address as of the account you want to attack, and being able to execute SQL queries, read the encrypted password of yourself from database. Then just XOR the ciphertext with your real password and you'll get the key. Having the key, XOR victim's encrypted password with it and you'll get password in plaintext. Out of curiosity it would be cool to read the script's source using load_file() to discover the key generation algorithm.
View user's profile Send private message
PostPosted: Tue Dec 30, 2008 4:47 pm Reply with quote
10_Sec_Hero
Advanced user
Advanced user
 
Joined: Oct 22, 2008
Posts: 52




Cool, thank you a lot! Smile
View user's profile Send private message
PostPosted: Fri Jan 02, 2009 6:24 pm Reply with quote
10_Sec_Hero
Advanced user
Advanced user
 
Joined: Oct 22, 2008
Posts: 52




I did like you said, created an account with them, this is the account I created:
Code:
p%8F%28%1C%08%0FR   pandila_005@yahoo.com

plaintext of p%8F%28%1C%08%0FR is parola

I still have no idea how to crack it
what do you reckon?
View user's profile Send private message
PostPosted: Fri Jan 02, 2009 7:27 pm Reply with quote
Henderson
Valuable expert
Valuable expert
 
Joined: Jul 11, 2008
Posts: 58




Since we don't know the length of key, it would be better if you created a password of maximum length.
View user's profile Send private message
PostPosted: Sat Jan 03, 2009 4:46 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
 
Joined: Oct 22, 2008
Posts: 52




here we go, managed to pull out the 16 character password (alpha-numeric) for latest account created:

email address used: email001@yahoo.com

er6%04H%1B%95%7F%96%02%B7v%F2a%02%9E%FC and plaintext is 1234567890abcdef

created a differect account couple of days ago, heres the email:password

email address used: johnny23462@yahoo.com

j2h%FF%16%60g and plaintext is adidas
View user's profile Send private message
PostPosted: Sat Jan 03, 2009 10:07 am Reply with quote
Henderson
Valuable expert
Valuable expert
 
Joined: Jul 11, 2008
Posts: 58




The phrase er6%04H%1B%95%7F%96%02%B7v%F2a%02%9E%FC consists of two parts:

e = same as first letter of e-mail
723604481B957F9602B776F261029EFC = ciphertext (hex)

We know the plaintext, so we XOR the cipthertext with it to get the key.

31323334353637383930616263646566 = "1234567890abcdef" (hex)

723604481B957F9602B776F261029EFC XOR 31323334353637383930616263646566 = key

Having this particular key you can decipher ciphertext of phrases beginning with letter "e" (because the key is calculated from it) by XOR-ing the ciphertext with it:

ciphertext XOR key = plaintext

Hope it's clear now.


Last edited by Henderson on Tue Jan 06, 2009 12:30 pm; edited 1 time in total
View user's profile Send private message
PostPosted: Sat Jan 03, 2009 5:31 pm Reply with quote
10_Sec_Hero
Advanced user
Advanced user
 
Joined: Oct 22, 2008
Posts: 52




Yeah I got it now, thanks man! Very Happy
View user's profile Send private message
What kind of hash? :O
  www.waraxe.us Forum Index -> Hash related information
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB 2001-2008 phpBB Group






All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2013 Janek Vind "waraxe"
Page Generation: 0.065 Seconds