|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 90
Members: 0
Total: 90
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
unknown ... help, Please |
|
Posted: Tue Feb 05, 2008 2:01 am |
|
|
911oldschool |
Beginner |
|
|
Joined: Feb 04, 2008 |
Posts: 4 |
|
|
|
|
|
|
|
7A69FBL1SC7F9I9H
In the above "password" should be (some form of) 01-aug-2008
and also a "Level" such as "programming"
There is an 8 digit "username" required by the program, I believe is the "salt", but this Identifies Me.
Can somebody help, or at least point me in the right direction? |
|
|
|
|
Posted: Wed Feb 06, 2008 12:13 am |
|
|
911oldschool |
Beginner |
|
|
Joined: Feb 04, 2008 |
Posts: 4 |
|
|
|
|
|
|
|
it appears that the first 8 characters remain the same (independent from the 8 character username) ie :
1-aug-2008 -> 7A69FBL1SC7F9I9H
4-aug-2008 -> 7A60FBL2SC7F9I0H
5-aug-2008 -> 7A61FBL3SC7F9I1H
I have seen few PW's issued today and they all start : 7A61FBL3
(the dates listed are expiration dates for the passwords given) |
|
|
|
|
Posted: Fri Feb 08, 2008 11:41 pm |
|
|
911oldschool |
Beginner |
|
|
Joined: Feb 04, 2008 |
Posts: 4 |
|
|
|
|
|
|
|
1-aug-2008 -> 7A69FBL1SC7F9I9H
4-aug-2008 -> 7A60FBL2SC7F9I0H
5-aug-2008 -> 7A61FBL3SC7F9I1H
I Have Found the user name it is embedded as
5-aug-2008 -> --------SC-F-I-H
letter minus position in "hash" points to a single substitution chart ie:
S seems to set the creference for the following 4 letters
This leaves 7A61FBL3--7-9-1-
Any IDEAS? |
|
|
|
|
Posted: Sat Feb 09, 2008 1:07 pm |
|
|
gtal3x |
Active user |
|
|
Joined: Dec 03, 2007 |
Posts: 33 |
Location: Ukraine |
|
|
|
|
|
|
1st of all where did you get this pass from? i mean from what software? For me it seems like a mysql 64bit, with no salt |
|
|
|
|
Posted: Sat Feb 09, 2008 5:38 pm |
|
|
911oldschool |
Beginner |
|
|
Joined: Feb 04, 2008 |
Posts: 4 |
|
|
|
|
|
|
|
It is a password/username challenge to a proprietary program used by several companies, to authenticate level of access and date of expiration(and maybe username, although I now doubt That as the username is readily decoded) for Hardware level troubleshooting(non-PC) |
|
|
|
|
www.waraxe.us Forum Index -> All other security holes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|