Waraxe IT Security Portal
Login or Register
December 18, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 129
Members: 0
Total: 129
Full disclosure
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
RansomLordNG - anti-ransomware exploit tool
APPLE-SA-12-11-2024-9 Safari 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
St. Poelten UAS | Multiple Vulnerabilities in ORing IAP
SEC Consult SA-20241204-0 :: Multiple Critical Vulnerabilities in Image Access Scan2Net (14 CVE)
Microsoft Warbird and PMP security research - technical doc
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> All other hashes -> joomla admin needs help with a salted crack Goto page 1, 2Next
Post new topicReply to topic View previous topic :: View next topic
joomla admin needs help with a salted crack
PostPosted: Sat Jan 03, 2009 3:43 am Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




Hi,

first of all this is my first post and i have to confess i haven't read any forum rules so forgive me if i break something Smile

I am a joomla administrator hosting a phpbb3 with a bridge to the joomla database that allows authentication to go from joombla to the phpbb.

For a number of reasons i am in need to crack a joomla password hash of a user of mine. ( and even if i can easly reset it the objective is to crack it )

the password hash i got from joombla database is

user:c6c7d32a43dcca085c0bcf4d9955a2d5:K3Nd8jFDeeF87WV0GZUtS2YnVCEHsCCT

I have read extensive about this issue and for what i can understand the MD5 pasword is salted.

i downloaded PasswordsPro to evalute if i could crack it but i am in a bit of trouble because of the salted format.

I have read people say that joomla salts the password in

md5(md5$pass.md5$salt)

others say

md5$pass.$salt

etc etc etc...

since i takes a lot of time to try every possible combination and i hardly have the cpu power to make a distributed crack of salted hash and because i dont seem to get a consense i am requesting the help of a good samaritan.

My joomla version is "Joomla! 1.5.7"

I dont really have nothing to offer in return but my thanks.

Can anyone help me or even give me a Tip ?

Update:

SO after a itle more digging it seems that md5($pass.$salt) is the way to go. 5 days left on a-z & A-Z. Can anyone do it faster ?
View user's profile Send private message
PostPosted: Mon Jan 05, 2009 2:44 pm Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




Shameless *bump* and update

Failed... Is there someone smarter then me ? Very Happy
View user's profile Send private message
Re: joomla admin needs help with a salted crack
PostPosted: Tue Jan 06, 2009 2:57 am Reply with quote
tehhunter
Valuable expert
Valuable expert
Joined: Nov 19, 2008
Posts: 261




I'm trying my special designed hybrid crack mode, I'll get back to you in a few hours.
View user's profile Send private message
PostPosted: Tue Jan 06, 2009 3:20 am Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




thanks i apreciate it.

I got my hands on a DUO quadcore however it seems that passwordspro doesn't work with multiprocessors.

i am trying a

a-z & A-Z & 1-9

Gona take 15 days ...

My best.
View user's profile Send private message
Re: joomla admin needs help with a salted crack
PostPosted: Wed Jan 07, 2009 10:49 am Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




tehhunter wrote:
I'm trying my special designed hybrid crack mode, I'll get back to you in a few hours.


Any luck tehhunter ? i have 10 days remaining ... and no luck yet !
View user's profile Send private message
Re: joomla admin needs help with a salted crack
PostPosted: Wed Jan 07, 2009 12:16 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Rastlin wrote:
tehhunter wrote:
I'm trying my special designed hybrid crack mode, I'll get back to you in a few hours.


Any luck tehhunter ? i have 10 days remaining ... and no luck yet !


If you don't have information about complexity of the original password, then you can't estimate cracking time in any way. And by the way, md5 hashes for good passwords are practically uncrackable at current tech level.
View user's profile Send private message Send e-mail Visit poster's website
Re: joomla admin needs help with a salted crack
PostPosted: Wed Jan 07, 2009 3:05 pm Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




waraxe wrote:
Rastlin wrote:
tehhunter wrote:
I'm trying my special designed hybrid crack mode, I'll get back to you in a few hours.


Any luck tehhunter ? i have 10 days remaining ... and no luck yet !


If you don't have information about complexity of the original password, then you can't estimate cracking time in any way. And by the way, md5 hashes for good passwords are practically uncrackable at current tech level.


I should have said 10 days with current charset .. Smile

BTW check this .... http://www.waraxe.us/ftopicp-16587.html#16587
View user's profile Send private message
Re: joomla admin needs help with a salted crack
PostPosted: Wed Jan 07, 2009 3:30 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Rastlin wrote:
waraxe wrote:
Rastlin wrote:
tehhunter wrote:
I'm trying my special designed hybrid crack mode, I'll get back to you in a few hours.


Any luck tehhunter ? i have 10 days remaining ... and no luck yet !


If you don't have information about complexity of the original password, then you can't estimate cracking time in any way. And by the way, md5 hashes for good passwords are practically uncrackable at current tech level.


I should have said 10 days with current charset .. Smile

BTW check this .... http://www.waraxe.us/ftopicp-16587.html#16587


Yes, nice firepower Rolling Eyes
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Wed Jan 07, 2009 3:33 pm Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




thanks .. i am thinking of adding another gpu ... i have room for 2 more ...
View user's profile Send private message
Re: joomla admin needs help with a salted crack
PostPosted: Thu Jan 08, 2009 11:07 pm Reply with quote
Alkindiii
Regular user
Regular user
Joined: Jan 09, 2009
Posts: 19




Rastlin wrote:
waraxe wrote:
Rastlin wrote:
tehhunter wrote:
I'm trying my special designed hybrid crack mode, I'll get back to you in a few hours.


Any luck tehhunter ? i have 10 days remaining ... and no luck yet !


If you don't have information about complexity of the original password, then you can't estimate cracking time in any way. And by the way, md5 hashes for good passwords are practically uncrackable at current tech level.


I should have said 10 days with current charset .. Smile

BTW check this .... http://www.waraxe.us/ftopicp-16587.html#16587

Hi Rastlin,
Can you please use your "firepower" to crack some Joomla's hashes (I think it's md5($pass.$salt) as you said).
Here is the salted md5 hashes :

9cab8bcf2921e44b72cb21c001694cbd:sBv8TuYYYoIhDrHT
c8cb59cdb2dd8e8d1c73adef8c531433:k5l81Ip2YXeMhMN3
2962564ac548bde72ba37739fc99fb92:Rku2o3w8qonr1P23
1104fbbfa6976957d878e9489f054802:0EAKGk7u7PvqiTeR

Thanks in advance.
View user's profile Send private message
PostPosted: Thu Jan 08, 2009 11:44 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




Plaintext of 1104fbbfa6976957d878e9489f054802 is Yeor25

Smile
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Fri Jan 09, 2009 7:26 am Reply with quote
Alkindiii
Regular user
Regular user
Joined: Jan 09, 2009
Posts: 19




Thanks waraxe Very Happy
Did you brute forced it using PasswordsPro or something else?
I need to crack more salted md5 using online rainbow tables, does someone know any good website or any md5 search engine for that??
View user's profile Send private message
Re: joomla admin needs help with a salted crack
PostPosted: Fri Jan 09, 2009 11:13 am Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




[quote="Alkindiii]
Hi Rastlin,
Can you please use your "firepower" to crack some Joomla's hashes (I think it's md5($pass.$salt) as you said).
Here is the salted md5 hashes :

9cab8bcf2921e44b72cb21c001694cbd:sBv8TuYYYoIhDrHT
c8cb59cdb2dd8e8d1c73adef8c531433:k5l81Ip2YXeMhMN3
2962564ac548bde72ba37739fc99fb92:Rku2o3w8qonr1P23
1104fbbfa6976957d878e9489f054802:0EAKGk7u7PvqiTeR

Thanks in advance.[/quote]

I whould mind helping out but i have yet to find a md5 salted cracker that can make use of 32 processors.

Try this install paswordspro ( google it ) and use the program to try and crack the salted md5 hash.

But before you do that go to http://www.md5this.com/wordlists.html get as many wordlists as you can and put them all in a directory and insert them into the passwordspro configuration. A carefull configuration of the cracking method and hybrid rules can be very time saving.

I have yet to find a salted rainbow table however i am kind of new to hash cracking ( i mean besides the use of the old L0pthCrack and john the ripper), maybe someone with more experience can point you to the right direction.
View user's profile Send private message
Re: joomla admin needs help with a salted crack
PostPosted: Fri Jan 09, 2009 11:13 am Reply with quote
Rastlin
Regular user
Regular user
Joined: Jan 03, 2009
Posts: 21




Rastlin wrote:
Alkindiii wrote:

Hi Rastlin,
Can you please use your "firepower" to crack some Joomla's hashes (I think it's md5($pass.$salt) as you said).
Here is the salted md5 hashes :

9cab8bcf2921e44b72cb21c001694cbd:sBv8TuYYYoIhDrHT
c8cb59cdb2dd8e8d1c73adef8c531433:k5l81Ip2YXeMhMN3
2962564ac548bde72ba37739fc99fb92:Rku2o3w8qonr1P23
1104fbbfa6976957d878e9489f054802:0EAKGk7u7PvqiTeR

Thanks in advance.


I dont mind helping out but i have yet to find a md5 salted cracker that can make use of 32 processors.

Try this, install paswordspro ( google it ) and use the program to try and crack the salted md5 hash.

But before you do that go to http://www.md5this.com/wordlists.html get as many wordlists as you can and put them all in a directory and insert them into the passwordspro configuration. A carefull configuration of the cracking method and hybrid rules can be very time saving.

I have yet to find a salted rainbow table however i am kind of new to hash cracking ( i mean besides the use of the old L0pthCrack and john the ripper), maybe someone with more experience can point you to the right direction.
View user's profile Send private message
PostPosted: Fri Jan 09, 2009 11:40 am Reply with quote
Alkindiii
Regular user
Regular user
Joined: Jan 09, 2009
Posts: 19




I use PasswordsPro and I think it's the fastest md5 salted cracker. But I only have one machine with one CPU Rolling Eyes
What I need is an online large ranbow tables that can crack salted md5(pass.salt) or a search engine for salted md5.
View user's profile Send private message
joomla admin needs help with a salted crack
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 2
Goto page 1, 2Next
Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.049 Seconds