 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 295
 Members: 0
 Total: 295
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
vbb hashs crack- please help |
|
 Posted: Thu Apr 03, 2008 1:35 pm |
 |
|
| king424 |
| Regular user |
 |
|
| Joined: Apr 03, 2008 |
| Posts: 24 |
|
|
|
 |
|
 |
|
MD5:f1110f64909cf20dafdc11abecd2ee92 salt:(\"8
b85cea4b55dbcd526538a1f643323014 H*d
0f33c28cb52deff3ea86e26478264a73 t$~
34b2da056700a4a044a3233f4448a185 Hr%
18dc2e74bc21b86a41c31b84fe3f9ddd \'r1
29f50de5b23953ceea51e67110b36ad7 88*
Thanks in advance |
|
|
|
|
| Posted: Thu Apr 03, 2008 5:40 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
29f50de5b23953ceea51e67110b36ad7:baggins82
b85cea4b55dbcd526538a1f643323014:Passi0n
 |
|
|
|
|
| Posted: Fri Apr 04, 2008 10:08 am |
|
|
| king424 |
| Regular user |
|
|
| Joined: Apr 03, 2008 |
| Posts: 24 |
|
|
|
|
|
|
|
| thanks for you help......but how to fast crack it? |
|
|
|
|
| Posted: Fri Apr 04, 2008 10:19 am |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| king424 wrote: | | thanks for you help......but how to fast crack it? |
Right now (april 2008) i don't know any fast methods for Vbulletin salted hashes cracking. Rainbow tables can't be used because of salting. Only options are wordlist method and bruteforce. And because of salting cracking 6 hashes via bruteforce means 6 times more cracking time ...
Still:
a) distributed cracking can be possible, if you have access to multiple computers or some botnet
b) using GPU for faster cracking - GeForce 8800 and 9800 videocards can accelerate hash cracking hundreds of times, but such method is too fresh right now and needs more time for developement. |
|
|
|
|
| Posted: Fri Apr 04, 2008 11:58 am |
|
|
| king424 |
| Regular user |
|
|
| Joined: Apr 03, 2008 |
| Posts: 24 |
|
|
|
|
|
|
|
| Thank you for your suggestion, I learned from a lot of you |
|
|
|
|
| Posted: Fri Apr 04, 2008 1:54 pm |
|
|
| Nial |
| Advanced user |
|
|
| Joined: Feb 29, 2008 |
| Posts: 103 |
|
|
|
|
|
|
|
| So if the salt is the same for the 6 hash, it doesnt mean 6 times more cracking time ? |
|
|
|
|
|
|
|
|
| Posted: Fri Apr 04, 2008 11:10 pm |
|
|
| ToXiC |
| Moderator |
 |
|
| Joined: Dec 01, 2004 |
| Posts: 181 |
| Location: Cyprus |
|
|
|
|
|
|
| Nial wrote: | | So if the salt is the same for the 6 hash, it doesnt mean 6 times more cracking time ? |
Actually depends on the attack you will choose to do. The only case that if the salt is the same you can crack it faster is when you know the salted value and you append to your wordlist the specific hash or you use hybrid-rainbow attack. but still it depends on the algorythm that is used to hash the password.
for example ..
If the web application uses this function
$salt = $%$%
$password = md5(md5($password.$salt))
you will need to write a program that :
will read from your wordlist
a
ab
abc
and append the $salted value
a$%$%
ab$%$%
abc$%$%
and then md5(md5( each of the values in the wordlist and tries to much it with the hash. If it matched then it mean you found the collission.
This approach can be used for bruteforce cracking as well. |
|
_________________
who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com |
|
|
|
|
|
|
|
| Posted: Sat Apr 05, 2008 11:37 am |
|
|
| king424 |
| Regular user |
|
|
| Joined: Apr 03, 2008 |
| Posts: 24 |
|
|
|
|
|
|
|
nobody can crack other hash?  |
|
|
|
|
| Posted: Tue Apr 22, 2008 12:37 am |
|
|
| bleh |
| Regular user |
|
|
| Joined: Apr 19, 2008 |
| Posts: 19 |
|
|
|
|
|
|
|
| waraxe wrote: |
Right now (april 2008) i don't know any fast methods for Vbulletin salted hashes cracking. Rainbow tables can't be used because of salting. Only options are wordlist method and bruteforce. And because of salting cracking 6 hashes via bruteforce means 6 times more cracking time ...
Still:
a) distributed cracking can be possible, if you have access to multiple computers or some botnet |
Sorry to bump this thread, but I was wondering if there is any program\source available for that. I have access to several computers. |
|
|
|
|
|
|
|
|
| Posted: Wed Apr 23, 2008 8:05 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| bleh wrote: | | waraxe wrote: |
Right now (april 2008) i don't know any fast methods for Vbulletin salted hashes cracking. Rainbow tables can't be used because of salting. Only options are wordlist method and bruteforce. And because of salting cracking 6 hashes via bruteforce means 6 times more cracking time ...
Still:
a) distributed cracking can be possible, if you have access to multiple computers or some botnet |
Sorry to bump this thread, but I was wondering if there is any program\source available for that. I have access to several computers. |
Yes, Passwordspro contains special feature for shared bruteforce cracking |
|
|
|
|
|
|
|
|
| Posted: Thu Apr 24, 2008 6:57 pm |
|
|
| bleh |
| Regular user |
|
|
| Joined: Apr 19, 2008 |
| Posts: 19 |
|
|
|
|
|
|
|
| waraxe wrote: | | bleh wrote: | | waraxe wrote: |
Right now (april 2008) i don't know any fast methods for Vbulletin salted hashes cracking. Rainbow tables can't be used because of salting. Only options are wordlist method and bruteforce. And because of salting cracking 6 hashes via bruteforce means 6 times more cracking time ...
Still:
a) distributed cracking can be possible, if you have access to multiple computers or some botnet |
Sorry to bump this thread, but I was wondering if there is any program\source available for that. I have access to several computers. |
Yes, Passwordspro contains special feature for shared bruteforce cracking |
Thanks. Didn't know that |
|
|
|
|
|
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
