|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 66
Members: 0
Total: 66
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Hi (Need Some Help) |
|
Posted: Mon Mar 17, 2008 6:30 pm |
|
|
F4r4Zm0In |
Active user |
|
|
Joined: Feb 17, 2008 |
Posts: 30 |
|
|
|
|
|
|
|
hi,
i have tested one sql injection on QuickTicket <= 1.5
what i have got after the sql injection is :
Now can you tell me how to decode this hash
as it is 40 characters long
also how can a attacker knows the username for the password hash
As per my knowledge this hash is for admin [am i right?]
Thanks |
|
|
|
|
Posted: Tue Mar 18, 2008 9:01 am |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
|
|
|
|
Posted: Tue Mar 18, 2008 10:50 am |
|
|
F4r4Zm0In |
Active user |
|
|
Joined: Feb 17, 2008 |
Posts: 30 |
|
|
|
|
|
|
|
koko wrote: | http://www.insidepro.com/hashes.php?lang=eng
Yep.This is admin hash.Try to decrypt and login into admin panel.After that use your imagination. |
Thanks again for the valuable information Koko! |
|
|
|
|
Posted: Tue Mar 18, 2008 1:53 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Quote: |
...
as it is 40 characters long
|
It's probably SHA-1 hash. |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|