Waraxe IT Security Portal
Login or Register
November 24, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 126
Members: 0
Total: 126
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Sql injection -> I have an SQL dump file which I want to exploit
Post new topicReply to topic View previous topic :: View next topic
I have an SQL dump file which I want to exploit
PostPosted: Thu Jul 08, 2010 5:53 pm Reply with quote
D1scord
Regular user
Regular user
Joined: Jul 08, 2010
Posts: 7




I have successfully negotiated to the relevant tables and exported all of the 2000 usernames / passwords etc to an excel file.

The passwords are hashed (MD5) and salt. I have the salt information in a separate column.

Now I have a few questions (very n00bish so I apologise in advance).

1. Since I have the entire d-base can I just modify it in some way to reveal all of the hashed passwords into plain text?

2. I am getting my head around rainbow tables. I ran a sample of the MD5 hashes through some of the online crackers but had no luck. Because of the salt I assume?

How to incorporate the salt information stored in the relevant column to support the cracking process?

3. I also have all of the plaintext private messages that were sent via the bulletin board that the SQL file came from, approx 21,000. Is there a technique for searching this data for particular strings?

If anybody has any other ideas and what to do I would love to hear them.

Embarassed
View user's profile Send private message Visit poster's website
PostPosted: Thu Jul 08, 2010 6:53 pm Reply with quote
vince213333
Advanced user
Advanced user
Joined: Aug 03, 2009
Posts: 737
Location: Belgium




Question 1

You cannot modify the database to show the plaintext passwords. You need to crack the md5 hashes or install a logger on the site that logs the plaintext into a database/file/...

Question 2
Rainbow tables are meant to be used with unsalted hashes. The don't work unless you have a rainbow table for each specific salt (which I doubt). You need to import the md5 hash and the matching salt into a password cracker like the famous passwordspro.

Question 3
You can use an SQL query with the Like statement (Google is your friend).
View user's profile Send private message
PostPosted: Thu Jul 08, 2010 7:27 pm Reply with quote
D1scord
Regular user
Regular user
Joined: Jul 08, 2010
Posts: 7




vince213333 wrote:
Question 1

You cannot modify the database to show the plaintext passwords. You need to crack the md5 hashes or install a logger on the site that logs the
plaintext into a database/file/...

Question 2
Rainbow tables are meant to be used with unsalted hashes. The don't work unless you have a rainbow table for each specific salt (which I doubt). You need to import the md5 hash and the matching salt into a password cracker like the famous passwordspro.

Question 3
You can use an SQL query with the Like statement (Google is your friend).


Thanks man - I really appreciate that.

The learning curve is steep and the time is finite!
View user's profile Send private message Visit poster's website
PostPosted: Thu Jul 08, 2010 8:17 pm Reply with quote
vince213333
Advanced user
Advanced user
Joined: Aug 03, 2009
Posts: 737
Location: Belgium




My pleasure Smile It's steep but not everything is easy. If you need help with anything, feel free to ask ^^
View user's profile Send private message
PostPosted: Fri Jul 09, 2010 12:06 am Reply with quote
earthquaker
Advanced user
Advanced user
Joined: Jun 02, 2008
Posts: 111
Location: q8




why dont u post the hash's+salt here
View user's profile Send private message
PostPosted: Fri Jul 09, 2010 4:45 am Reply with quote
D1scord
Regular user
Regular user
Joined: Jul 08, 2010
Posts: 7




earthquaker wrote:
why dont u post the hash's+salt here


All 1500?
View user's profile Send private message Visit poster's website
PostPosted: Fri Jul 09, 2010 6:06 am Reply with quote
earthquaker
Advanced user
Advanced user
Joined: Jun 02, 2008
Posts: 111
Location: q8




yea u can use http://pastebin.com/
View user's profile Send private message
PostPosted: Sat Jul 10, 2010 9:39 pm Reply with quote
D1scord
Regular user
Regular user
Joined: Jul 08, 2010
Posts: 7




earthquaker wrote:
yea u can use http://pastebin.com/


http://pastebin.com/VGTkSP69

Done.
View user's profile Send private message Visit poster's website
PostPosted: Fri Jul 16, 2010 11:50 am Reply with quote
D1scord
Regular user
Regular user
Joined: Jul 08, 2010
Posts: 7




earthquaker wrote:
yea u can use http://pastebin.com/


Is nobody interested in this?
View user's profile Send private message Visit poster's website
PostPosted: Fri Jul 16, 2010 2:15 pm Reply with quote
earthquaker
Advanced user
Advanced user
Joined: Jun 02, 2008
Posts: 111
Location: q8




have u got the whole .sql dump or just this piece ? if u have the whole thing then msg me
View user's profile Send private message
I have an SQL dump file which I want to exploit
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.036 Seconds