 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
Need Help Cracking Password |
 |
 Posted: Thu Jul 24, 2008 5:08 am |
 |
|
| Torre |
| Regular user |
 |
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
 |
|
 |
|
Hello Everyone!
I was wondering if someone could help me out by cracking this password for me.
Hash: e0d8573a8cea194e0151a30bd882d898
Salt: rbIY'
Its from IPB, the newest version which I believe is 2.3.4
Any help would be wonderful!
Thanks in advance! |
|
|
|
|
| Posted: Fri Jul 25, 2008 4:21 am |
|
|
| Torre |
| Regular user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
| I am willing to pay $20 for this, this is really important to me. Any help would be appreciated. |
|
|
|
|
| Posted: Fri Jul 25, 2008 10:07 am |
|
|
| lenny |
| Valuable expert |
 |
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
| Ill get to work cracking this (for free) if sombody could tell me the format of IPB 2.3.4 hashes! (no promises though :p) |
|
|
|
|
| Posted: Fri Jul 25, 2008 11:06 am |
|
|
| pexli |
| Valuable expert |
|
|
| Joined: May 24, 2007 |
| Posts: 665 |
| Location: Bulgaria |
|
|
|
|
|
|
lenny try to learn how to use search in google or in insidepro forum.
md5(md5($salt).md5($pass)) |
|
|
|
|
| Posted: Fri Jul 25, 2008 11:47 am |
|
|
| lenny |
| Valuable expert |
|
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
I did  , hence the question. I could only find information on older versions of IPB. Admittedly I didn't think to search the InsidePro forums...
Anyway, I am cracking now  |
|
|
|
|
| Posted: Fri Jul 25, 2008 2:19 pm |
|
|
| Torre |
| Regular user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
| Thanks much! I can give you a copy of the newest IPB software if you like. |
|
|
|
|
| Posted: Fri Jul 25, 2008 3:14 pm |
|
|
| lenny |
| Valuable expert |
|
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
Well hang about, I haven't cracked the hash yet :p
Edit: On top of that, i have run it through most of my dictionaries to no avail. Still, i haven't started with my 32gb wordlist just yet  |
|
|
|
|
| Posted: Fri Jul 25, 2008 5:27 pm |
|
|
| Torre |
| Regular user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
| Thank you so much, lenny! If you need anymore information, please don't hesitate to ask! |
|
|
|
|
| Posted: Fri Jul 25, 2008 6:45 pm |
|
|
| lenny |
| Valuable expert |
|
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
Hmm...Well all my dictionaries have come up with nothing... I will probably try a combined dictionary attack and a brute force attack... but the chances are looking slimmer and slimmer.... as i said, no promises... then again I may get lucky 
Edit: Started brute force attack... ~23 hours to go
Edit Edit: Any idea of the length of the hash? Do you know *anything* else about the hash? It would help *a lot* |
|
|
|
|
| Posted: Fri Jul 25, 2008 6:57 pm |
|
|
| Torre |
| Regular user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
Darnit. I hope we can get lucky. Unfortunately, I don't really know anything.  I just know that it is from IPB 2.3.4 and the type of encrypting is md5(md5($salt).md5($pass)). Would you like to me to upload a copy of IPB? |
|
|
|
|
| Posted: Fri Jul 25, 2008 7:06 pm |
|
|
| Torre |
| Regular user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
There is another encryption of this password that I have, but I think it is a little bit more difficult.
Hash in Database: 07f972a7bec7e5eee4c42e7f3f4bca26
Method: md5(sha1(md5($password).$blowfish).sha1(sha1(md5($password).$blowfish).$blowfish));
Blowfish: 1 |
|
|
|
|
| Posted: Fri Jul 25, 2008 7:30 pm |
|
|
| lenny |
| Valuable expert |
|
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
Yeah, that second one is a little more difficult to work with
Maybe upload a copy of IPB... Maybe I am missing somthing, or 2.3.4 uses a different method of hashing passwords? Its just a guess, but might explain why it is being a pain to crack and would put me back on track |
|
|
|
|
| Posted: Fri Jul 25, 2008 7:51 pm |
|
|
| Torre |
| Regular user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
| I have uploaded IPB and sent you a PM with the link. |
|
|
|
|
| Posted: Fri Jul 25, 2008 8:24 pm |
|
|
| lenny |
| Valuable expert |
|
|
| Joined: May 15, 2008 |
| Posts: 275 |
|
|
|
|
|
|
|
| Quote: | /*-------------------------------------------------------------------------*/
// Authorize against local DB:
// $username: Log in username
// $password: Plain text password
/*-------------------------------------------------------------------------*/
function auth_local( $username, $password )
{
$password = md5( $password ); |
.
Hmmmm..... This disturbed me a little... |
|
|
|
|
| Posted: Fri Jul 25, 2008 8:31 pm |
|
|
| Torre |
| Regular user |
|
|
| Joined: Jul 24, 2008 |
| Posts: 11 |
|
|
|
|
|
|
|
Hmm... I wonder when that is used.
I just did a check with my own salt and my own password using the md5(md5($salt).md5($pass)).
That must be used for just generating the first part of the hash. (?)
Basically what I am saying is the method is md5(md5($salt).md5($pass)).
 |
|
|
|
|
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 2
Goto page 1, 2Next
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 54
Members: 0
Total: 54
