| 
  
        |  |  |  
      
        |  |  
  | 
  
    | 
	|  | Menu |  |  
     
     | 
      
       | 
        
         | 
          
           | 
						|  |  |  Home |  |  |  |  |  |  |  |  Discussions |  |  |  |  |  |  |  |  Tools |  |  |  |  |  |  |  |  Affiliates |  |  |  |  |  |  |  |  Content |  |  |  |  |  |  |  |  Info |  |  |  |  |  |  |  |  |  |  
  
    | 
	|  | User Info |  |  
     
     | 
      
       | 
        
         | 
          
           |  Membership: 
  Latest: MichaelSnaRe 
  New Today: 0 
  New Yesterday: 0 
  Overall: 9144 
 
  People Online: 
  Visitors: 134 
  Members: 0 
  Total: 134 
 |  |  |  |  |  
  
    | 
	|  | Full disclosure |  |  |  | 
  
    | 
	|  |  |  |  
        
          | 
              
                | 
                    
                      | 
                          
                            | 
	| 
	
		|  |  |  
		|  | IT Security and Insecurity Portal |  |  
 
	|  | I have an SQL dump file which I want to exploit |  |  
	| 
	
		|  Posted: Thu Jul 08, 2010 5:53 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| D1scord |  | Regular user |  |  
  |  |  |  | Joined: Jul 08, 2010 |  | Posts: 7 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| I have successfully negotiated to the relevant tables and exported all of the 2000 usernames / passwords etc to an excel file. 
 The passwords are hashed (MD5) and salt.  I have the salt information in a separate column.
 
 Now I have a few questions (very n00bish so I apologise in advance).
 
 1.  Since I have the entire d-base can I just modify it in some way to reveal all of the hashed passwords into plain text?
 
 2.  I am getting my head around rainbow tables.  I ran a sample of the MD5 hashes through some of the online crackers but had no luck.  Because of the salt I assume?
 
 How to incorporate the salt information stored in the relevant column to support the cracking process?
 
 3.  I also have all of the plaintext private messages that were sent via the bulletin board that the SQL file came from, approx 21,000.  Is there a technique for searching this data for particular strings?
 
 If anybody has any other ideas and what to do I would love to hear them.
 
 
  |  |  
		|  |  |  
	|  |  |  | 
 
	|  |  |  |  
	| 
	
		|  Posted: Thu Jul 08, 2010 6:53 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| vince213333 |  | Advanced user |  |  
  |  |  |  | Joined: Aug 03, 2009 |  | Posts: 737 |  | Location: Belgium |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| Question 1 
 You cannot modify the database to show the plaintext passwords. You need to crack the md5 hashes or install a logger on the site that logs the plaintext into a database/file/...
 
 Question 2
 Rainbow tables are meant to be used with unsalted hashes. The don't work unless you have a rainbow table for each specific salt (which I doubt). You need to import the md5 hash and the matching salt into a password cracker like the famous passwordspro.
 
 Question 3
 You can use an SQL query with the Like statement (Google is your friend).
 |  |  
		|  |  |  
	|  |  |  | 
 
	|  |  |  |  
	| 
	
		|  Posted: Thu Jul 08, 2010 7:27 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| D1scord |  | Regular user |  |  
  |  |  |  | Joined: Jul 08, 2010 |  | Posts: 7 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			|  	  | vince213333 wrote: |  	  | Question 1 
 You cannot modify the database to show the plaintext passwords. You need to crack the md5 hashes or install a logger on the site that logs the
 plaintext into a database/file/...
 
 Question 2
 Rainbow tables are meant to be used with unsalted hashes. The don't work unless you have a rainbow table for each specific salt (which I doubt). You need to import the md5 hash and the matching salt into a password cracker like the famous passwordspro.
 
 Question 3
 You can use an SQL query with the Like statement (Google is your friend).
 | 
 
 Thanks man - I really appreciate that.
 
 The learning curve is steep and the time is finite!
 |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Thu Jul 08, 2010 8:17 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| vince213333 |  | Advanced user |  |  
  |  |  |  | Joined: Aug 03, 2009 |  | Posts: 737 |  | Location: Belgium |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| My pleasure  It's steep but not everything is easy. If you need help with anything, feel free to ask ^^ |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Fri Jul 09, 2010 12:06 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| earthquaker |  | Advanced user |  |  
  |  |  |  | Joined: Jun 02, 2008 |  | Posts: 111 |  | Location: q8 |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| why dont u post the hash's+salt here |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Fri Jul 09, 2010 4:45 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| D1scord |  | Regular user |  |  
  |  |  |  | Joined: Jul 08, 2010 |  | Posts: 7 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			|  	  | earthquaker wrote: |  	  | why dont u post the hash's+salt here | 
 
 All 1500?
 |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Fri Jul 09, 2010 6:06 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| earthquaker |  | Advanced user |  |  
  |  |  |  | Joined: Jun 02, 2008 |  | Posts: 111 |  | Location: q8 |  |  
 
 |  |  
			|  |  |  
 
 |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Sat Jul 10, 2010 9:39 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| D1scord |  | Regular user |  |  
  |  |  |  | Joined: Jul 08, 2010 |  | Posts: 7 |  |  |  |  
 
 |  |  
			|  |  |  
 
 |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Fri Jul 16, 2010 11:50 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| D1scord |  | Regular user |  |  
  |  |  |  | Joined: Jul 08, 2010 |  | Posts: 7 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| 
 Is nobody interested in this?
 |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Fri Jul 16, 2010 2:15 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| earthquaker |  | Advanced user |  |  
  |  |  |  | Joined: Jun 02, 2008 |  | Posts: 111 |  | Location: q8 |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| have u got the whole .sql dump or just this piece ? if u have the whole thing then msg me |  |  
		|  |  |  
	|  |  
	| www.waraxe.us Forum Index -> Sql injection 
 
	
		| You cannot post new topics in this forum You cannot reply to topics in this forum
 You cannot edit your posts in this forum
 You cannot delete your posts in this forum
 You cannot vote in polls in this forum
 
 | All times are GMT Page 1 of 1
 
 |  |  
	|  |  
 Powered by phpBB © 2001-2008 phpBB Group
 
 
 
 
 |  |  |  |  |  |  |