|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 53
Members: 0
Total: 53
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
What kind of hash? :O |
|
Posted: Mon Dec 29, 2008 1:25 am |
|
|
10_Sec_Hero |
Advanced user |
|
|
Joined: Oct 22, 2008 |
Posts: 52 |
|
|
|
|
|
|
|
j9%3C%A5%0B%60w%B6%14%BF
g%11%0F%5E%0C%2Av
b%0A%0C%AF%F3%12%A5
mI%C2k%0E%D9
s%A5%84%B5%17a+1%7F
I have no idea what so ever...please help? |
|
|
|
|
|
Re: What kind of hash? :O |
|
Posted: Mon Dec 29, 2008 3:44 am |
|
|
tehhunter |
Valuable expert |
|
|
Joined: Nov 19, 2008 |
Posts: 261 |
|
|
|
|
|
|
|
10_Sec_Hero wrote: | j9%3C%A5%0B%60w%B6%14%BF
g%11%0F%5E%0C%2Av
b%0A%0C%AF%F3%12%A5
mI%C2k%0E%D9
s%A5%84%B5%17a+1%7F
I have no idea what so ever...please help? | Looks like it is hex encoded, so I ran it through waraxe's url decoder on this site. I got the following:
Code: | j9<¥`w¶¿
g^*v
b
¯ó¥
mIÂkÙ
s¥„µa 1 | See if that works at all. |
|
|
|
|
Posted: Mon Dec 29, 2008 4:18 am |
|
|
10_Sec_Hero |
Advanced user |
|
|
Joined: Oct 22, 2008 |
Posts: 52 |
|
|
|
|
|
|
|
i really doubt thats gonna work, they have to be plaintext.
thx for trying |
|
|
|
|
Posted: Mon Dec 29, 2008 4:48 am |
|
|
k40t1x |
Regular user |
|
|
Joined: Dec 27, 2008 |
Posts: 22 |
|
|
|
|
|
|
|
10_SEC how did you get them? I dont think that you can use them at all :S |
|
|
|
|
Posted: Mon Dec 29, 2008 5:06 am |
|
|
10_Sec_Hero |
Advanced user |
|
|
Joined: Oct 22, 2008 |
Posts: 52 |
|
|
|
|
|
|
|
ok..i got them through sql injection from a website. i got the email address which is not encrypted and then i got these which are the passwords. |
|
|
|
|
Posted: Mon Dec 29, 2008 1:18 pm |
|
|
Henderson |
Valuable expert |
|
|
Joined: Jul 11, 2008 |
Posts: 58 |
|
|
|
|
|
|
|
The strings are urlencoded, but it doesn't change the fact that they're encrypted (XOR maybe?). Send me PM with URL if you want |
|
|
|
|
|
|
|
|
Posted: Tue Dec 30, 2008 11:18 am |
|
|
Henderson |
Valuable expert |
|
|
Joined: Jul 11, 2008 |
Posts: 58 |
|
|
|
|
|
|
|
The first letter of encrypted string is the first letter of user's e-mail address. Rest is a password XOR-ed with a key which is calculated basing on mentioned first letter. I don't know how the key is generated (probably it's some big number) but you could register an account with the same beginning letter of e-mail address as of the account you want to attack, and being able to execute SQL queries, read the encrypted password of yourself from database. Then just XOR the ciphertext with your real password and you'll get the key. Having the key, XOR victim's encrypted password with it and you'll get password in plaintext. Out of curiosity it would be cool to read the script's source using load_file() to discover the key generation algorithm. |
|
|
|
|
Posted: Tue Dec 30, 2008 4:47 pm |
|
|
10_Sec_Hero |
Advanced user |
|
|
Joined: Oct 22, 2008 |
Posts: 52 |
|
|
|
|
|
|
|
Cool, thank you a lot! |
|
|
|
|
Posted: Fri Jan 02, 2009 6:24 pm |
|
|
10_Sec_Hero |
Advanced user |
|
|
Joined: Oct 22, 2008 |
Posts: 52 |
|
|
|
|
|
|
|
I did like you said, created an account with them, this is the account I created:
Code: | p%8F%28%1C%08%0FR pandila_005@yahoo.com |
plaintext of p%8F%28%1C%08%0FR is parola
I still have no idea how to crack it
what do you reckon? |
|
|
|
|
Posted: Fri Jan 02, 2009 7:27 pm |
|
|
Henderson |
Valuable expert |
|
|
Joined: Jul 11, 2008 |
Posts: 58 |
|
|
|
|
|
|
|
Since we don't know the length of key, it would be better if you created a password of maximum length. |
|
|
|
|
Posted: Sat Jan 03, 2009 4:46 am |
|
|
10_Sec_Hero |
Advanced user |
|
|
Joined: Oct 22, 2008 |
Posts: 52 |
|
|
|
|
|
|
|
here we go, managed to pull out the 16 character password (alpha-numeric) for latest account created:
email address used: email001@yahoo.com
er6%04H%1B%95%7F%96%02%B7v%F2a%02%9E%FC and plaintext is 1234567890abcdef
created a differect account couple of days ago, heres the email:password
email address used: johnny23462@yahoo.com
j2h%FF%16%60g and plaintext is adidas |
|
|
|
|
|
|
|
|
Posted: Sat Jan 03, 2009 10:07 am |
|
|
Henderson |
Valuable expert |
|
|
Joined: Jul 11, 2008 |
Posts: 58 |
|
|
|
|
|
|
|
The phrase er6%04H%1B%95%7F%96%02%B7v%F2a%02%9E%FC consists of two parts:
e = same as first letter of e-mail
723604481B957F9602B776F261029EFC = ciphertext (hex)
We know the plaintext, so we XOR the cipthertext with it to get the key.
31323334353637383930616263646566 = "1234567890abcdef" (hex)
723604481B957F9602B776F261029EFC XOR 31323334353637383930616263646566 = key
Having this particular key you can decipher ciphertext of phrases beginning with letter "e" (because the key is calculated from it) by XOR-ing the ciphertext with it:
ciphertext XOR key = plaintext
Hope it's clear now. |
|
Last edited by Henderson on Tue Jan 06, 2009 12:30 pm; edited 1 time in total |
|
|
|
Posted: Sat Jan 03, 2009 5:31 pm |
|
|
10_Sec_Hero |
Advanced user |
|
|
Joined: Oct 22, 2008 |
Posts: 52 |
|
|
|
|
|
|
|
Yeah I got it now, thanks man! |
|
|
|
|
www.waraxe.us Forum Index -> Hash related information
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|