Waraxe IT Security Portal
Login or Register
December 25, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 99
Members: 0
Total: 99
Full disclosure
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Stored XSS with Filter Bypass - blogenginev3.3.8
[SYSS-2024-085]: Broadcom CA Client Automation - Improper Privilege Management (CWE-269)
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
RansomLordNG - anti-ransomware exploit tool
APPLE-SA-12-11-2024-9 Safari 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Hash related information -> What kind of hash? :O
Post new topicReply to topic View previous topic :: View next topic
What kind of hash? :O
PostPosted: Mon Dec 29, 2008 1:25 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
Joined: Oct 22, 2008
Posts: 52




j9%3C%A5%0B%60w%B6%14%BF
g%11%0F%5E%0C%2Av
b%0A%0C%AF%F3%12%A5
mI%C2k%0E%D9
s%A5%84%B5%17a+1%7F

I have no idea what so ever...please help?
View user's profile Send private message
Re: What kind of hash? :O
PostPosted: Mon Dec 29, 2008 3:44 am Reply with quote
tehhunter
Valuable expert
Valuable expert
Joined: Nov 19, 2008
Posts: 261




10_Sec_Hero wrote:
j9%3C%A5%0B%60w%B6%14%BF
g%11%0F%5E%0C%2Av
b%0A%0C%AF%F3%12%A5
mI%C2k%0E%D9
s%A5%84%B5%17a+1%7F

I have no idea what so ever...please help?
Looks like it is hex encoded, so I ran it through waraxe's url decoder on this site. I got the following:

Code:
j9<¥ `w¶¿
g^ *v
b
¯ó¥
mIÂkÙ
s¥„µa 1
See if that works at all.
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 4:18 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
Joined: Oct 22, 2008
Posts: 52




i really doubt thats gonna work, they have to be plaintext.
thx for trying Smile
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 4:48 am Reply with quote
k40t1x
Regular user
Regular user
Joined: Dec 27, 2008
Posts: 22




10_SEC how did you get them? I dont think that you can use them at all :S
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 5:06 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
Joined: Oct 22, 2008
Posts: 52




ok..i got them through sql injection from a website. i got the email address which is not encrypted and then i got these which are the passwords.
View user's profile Send private message
PostPosted: Mon Dec 29, 2008 1:18 pm Reply with quote
Henderson
Valuable expert
Valuable expert
Joined: Jul 11, 2008
Posts: 58




The strings are urlencoded, but it doesn't change the fact that they're encrypted (XOR maybe?). Send me PM with URL if you want Smile
View user's profile Send private message
PostPosted: Tue Dec 30, 2008 11:18 am Reply with quote
Henderson
Valuable expert
Valuable expert
Joined: Jul 11, 2008
Posts: 58




The first letter of encrypted string is the first letter of user's e-mail address. Rest is a password XOR-ed with a key which is calculated basing on mentioned first letter. I don't know how the key is generated (probably it's some big number) but you could register an account with the same beginning letter of e-mail address as of the account you want to attack, and being able to execute SQL queries, read the encrypted password of yourself from database. Then just XOR the ciphertext with your real password and you'll get the key. Having the key, XOR victim's encrypted password with it and you'll get password in plaintext. Out of curiosity it would be cool to read the script's source using load_file() to discover the key generation algorithm.
View user's profile Send private message
PostPosted: Tue Dec 30, 2008 4:47 pm Reply with quote
10_Sec_Hero
Advanced user
Advanced user
Joined: Oct 22, 2008
Posts: 52




Cool, thank you a lot! Smile
View user's profile Send private message
PostPosted: Fri Jan 02, 2009 6:24 pm Reply with quote
10_Sec_Hero
Advanced user
Advanced user
Joined: Oct 22, 2008
Posts: 52




I did like you said, created an account with them, this is the account I created:
Code:
p%8F%28%1C%08%0FR pandila_005@yahoo.com

plaintext of p%8F%28%1C%08%0FR is parola

I still have no idea how to crack it
what do you reckon?
View user's profile Send private message
PostPosted: Fri Jan 02, 2009 7:27 pm Reply with quote
Henderson
Valuable expert
Valuable expert
Joined: Jul 11, 2008
Posts: 58




Since we don't know the length of key, it would be better if you created a password of maximum length.
View user's profile Send private message
PostPosted: Sat Jan 03, 2009 4:46 am Reply with quote
10_Sec_Hero
Advanced user
Advanced user
Joined: Oct 22, 2008
Posts: 52




here we go, managed to pull out the 16 character password (alpha-numeric) for latest account created:

email address used: email001@yahoo.com

er6%04H%1B%95%7F%96%02%B7v%F2a%02%9E%FC and plaintext is 1234567890abcdef

created a differect account couple of days ago, heres the email:password

email address used: johnny23462@yahoo.com

j2h%FF%16%60g and plaintext is adidas
View user's profile Send private message
PostPosted: Sat Jan 03, 2009 10:07 am Reply with quote
Henderson
Valuable expert
Valuable expert
Joined: Jul 11, 2008
Posts: 58




The phrase er6%04H%1B%95%7F%96%02%B7v%F2a%02%9E%FC consists of two parts:

e = same as first letter of e-mail
723604481B957F9602B776F261029EFC = ciphertext (hex)

We know the plaintext, so we XOR the cipthertext with it to get the key.

31323334353637383930616263646566 = "1234567890abcdef" (hex)

723604481B957F9602B776F261029EFC XOR 31323334353637383930616263646566 = key

Having this particular key you can decipher ciphertext of phrases beginning with letter "e" (because the key is calculated from it) by XOR-ing the ciphertext with it:

ciphertext XOR key = plaintext

Hope it's clear now.


Last edited by Henderson on Tue Jan 06, 2009 12:30 pm; edited 1 time in total
View user's profile Send private message
PostPosted: Sat Jan 03, 2009 5:31 pm Reply with quote
10_Sec_Hero
Advanced user
Advanced user
Joined: Oct 22, 2008
Posts: 52




Yeah I got it now, thanks man! Very Happy
View user's profile Send private message
What kind of hash? :O
www.waraxe.us Forum Index -> Hash related information
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.046 Seconds