Waraxe IT Security Portal
Login or Register
November 23, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 74
Members: 0
Total: 74
Full disclosure
APPLE-SA-11-19-2024-5 macOS Sequoia 15.1.1
Local Privilege Escalations in needrestart
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
APPLE-SA-11-19-2024-2 visionOS 2.1.1
APPLE-SA-11-19-2024-1 Safari 18.1.1
Reflected XSS - fronsetiav1.1
XXE OOB - fronsetiav1.1
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionO S/watchOS)
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> All other hashes -> Proof of Concept (Requesting help with hash/salt)
Post new topicReply to topic View previous topic :: View next topic
Proof of Concept (Requesting help with hash/salt)
PostPosted: Wed Feb 04, 2009 1:55 am Reply with quote
xxvvyy
Regular user
Regular user
Joined: Feb 04, 2009
Posts: 20




I am attempting to crack the hash/salt password from IPB. I am running PasswordPro and realize it is a good tool, but not the fastest.

I do not have the GPU Brute Force application, because I don't have a supported video card. I do understand it is a lot faster then Passwordpro.

I am going to keep running Passwordpro in attempt to get the password, however if anyone is interested in helping me speed up the process here is the two hash/salts.

0da41019d0fc61dadb34ecf7ce86c27f `W]Q7

779e8d81fac212bb7c74d2beb2170f27 Kfp*8
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 3:53 am Reply with quote
tehhunter
Valuable expert
Valuable expert
Joined: Nov 19, 2008
Posts: 261




[1] collison found: 779e8d81fac212bb7c74d2beb2170f27:Kfp*8 is plaintext youwillneverknow
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 3:56 am Reply with quote
xxvvyy
Regular user
Regular user
Joined: Feb 04, 2009
Posts: 20




tehhunter wrote:
[1] collison found: 779e8d81fac212bb7c74d2beb2170f27:Kfp*8 is plaintext youwillneverknow


Awesome dude, I'm still "cracking" with passwordpro.

Can you tell me what you used?

Method (Brute Force, Rainbow, etc....)

and system specs?
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 4:09 am Reply with quote
tehhunter
Valuable expert
Valuable expert
Joined: Nov 19, 2008
Posts: 261




xxvvyy wrote:
tehhunter wrote:
[1] collison found: 779e8d81fac212bb7c74d2beb2170f27:Kfp*8 is plaintext youwillneverknow


Awesome dude, I'm still "cracking" with passwordpro.

Can you tell me what you used?

Method (Brute Force, Rainbow, etc....)

and system specs?
I'm using a macbook pro and its admittedly a good laptop, though still pales in comparison to what some better desktop computers can do.

Anyway, I'm using a program I wrote myself in Java called Crypto that tries wordlists I've gotten and found were quite good and from them tries permutations of each word and also tries adding common endings onto them.

Your specific password right here came up in my wordlists near the very end of the first run (where I just try every word I have as-is with no modifications). I was surprised cause its a random ass one lol.
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 4:17 am Reply with quote
xxvvyy
Regular user
Regular user
Joined: Feb 04, 2009
Posts: 20




tehhunter wrote:
xxvvyy wrote:
tehhunter wrote:
[1] collison found: 779e8d81fac212bb7c74d2beb2170f27:Kfp*8 is plaintext youwillneverknow


Awesome dude, I'm still "cracking" with passwordpro.

Can you tell me what you used?

Method (Brute Force, Rainbow, etc....)

and system specs?
I'm using a macbook pro and its admittedly a good laptop, though still pales in comparison to what some better desktop computers can do.

Anyway, I'm using a program I wrote myself in Java called Crypto that tries wordlists I've gotten and found were quite good and from them tries permutations of each word and also tries adding common endings onto them.

Your specific password right here came up in my wordlists near the very end of the first run (where I just try every word I have as-is with no modifications). I was surprised cause its a random ass one lol.


Very good!

I have no extreme need for the password, but am interested in understanding the cryptology process.

Maybe you could enlighten me on some of the finer points of cracking an encrypted password?

Also, how long did it take you to crack the passwd?
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 4:28 am Reply with quote
tehhunter
Valuable expert
Valuable expert
Joined: Nov 19, 2008
Posts: 261




Here's the output from my prog:
Code:
________________________________________________________________
| <<Crypto v0.2.0>> |
| by <xxx> <xxx@gmail.com> |
| Questions? Comments? Feedback? Things you'd like to see? |
| Please send me an email, I read all of it. |
| If you are reporting a bug, send me all of your program output|
-----------------------------------------------------------------

** Note: If you are using the -server parameter to run this program,
the estimated time remaining (etr) may flucuate and not be
as accurate. This is due to the constant optimization being
used by Sun's HotSpot JIT compiler

Loading hashes from reg_hashes.txt ... [OK]
-> Loaded 1 hashes total
>>>>> Hash file (vb_hashes.txt) does not exist!
Loading hashes from ipb_hashes.txt ... [OK]
-> Loaded 2 hashes total
Loading hashes from joomla_hashes.txt ... [OK]
Loading endings from /wordslists/endings.txt ... [OK]
Loading wordlists from /wordslists/*.dic ...
-> Loading words from allfound.dic (43kb) ... [OK]
-> Loading words from commonlastnames.dic (144kb) ... [OK]
-> Loading words from commonnames.dic (14kb) ... [OK]
-> Loading words from commonpasswords.dic (5kb) ... [OK]
-> Loading words from commonwords.dic (15kb) ... [OK]
-> Loading words from D8.dic (732kb) ... [OK]
-> Loading words from insidepro.dic (2619kb) ... [OK]
-> Loading words from jargon.dic (85kb) ... [OK]
-> Loading words from keyboard.dic (2kb) ... [OK]
-> Loading words from kjbible.dic (103kb) ... [OK]
-> Loading words from mil-dic.dic (676kb) ... [OK]
-> Loading words from new.dic (0kb) ... [OK]
-> Loading words from NORM.dic (629kb) ... [OK]
-> Loading words from opencrack_plains2.dic (8309kb) ... [OK]
-> Loading words from password2.dic (15kb) ... [OK]
-> Loading words from wordsEn.dic (1127kb) ... [OK]
-> Loading words from world_factbook.dic (217kb) ... [OK]
*** To add more words, add files in /wordlists/ ending in .dic
They will be automatically loaded
2832906 words loaded from 17 files
>>>>>
Initial run, trying all words as loaded without permutations ...
[0] 0 of 2832906, etr:
[0] 100000 of 2832906, etr: 57 seconds
[0] 200000 of 2832906, etr: 43 seconds
[0] 300000 of 2832906, etr: 41 seconds
[0] 400000 of 2832906, etr: 40 seconds
[0] 500000 of 2832906, etr: 38 seconds
[0] 600000 of 2832906, etr: 36 seconds
[0] 700000 of 2832906, etr: 34 seconds
[0] 800000 of 2832906, etr: 33 seconds
[0] 900000 of 2832906, etr: 31 seconds
[0] 1000000 of 2832906, etr: 30 seconds
[0] 1100000 of 2832906, etr: 28 seconds
[0] 1200000 of 2832906, etr: 26 seconds
[0] 1300000 of 2832906, etr: 24 seconds
[0] 1400000 of 2832906, etr: 23 seconds
[0] 1500000 of 2832906, etr: 21 seconds
[0] 1600000 of 2832906, etr: 20 seconds
[0] 1700000 of 2832906, etr: 18 seconds
[0] 1800000 of 2832906, etr: 16 seconds
[0] 1900000 of 2832906, etr: 15 seconds
[0] 2000000 of 2832906, etr: 13 seconds
[0] 2100000 of 2832906, etr: 11 seconds
[0] 2200000 of 2832906, etr: 10 seconds
[0] 2300000 of 2832906, etr: 8 seconds
[0] 2400000 of 2832906, etr: 6 seconds
[0] 2500000 of 2832906, etr: 5 seconds
[0] 2600000 of 2832906, etr: 3 seconds
[1] collison found: 779e8d81fac212bb7c74d2beb2170f27:Kfp*8 is plaintext youwillneverknow
[1] 2700000 of 2832906, etr: 1 seconds
[1] 2800000 of 2832906, etr:
Initial run finished ...
<<<<<
So that's the output and as you can see it didn't take much time at all.

A few tips:
-Always seek better methods (this is purposely vague). On a slower computer or one with a bad graphics card, you have to be more clever about how you try to crack passwords. My strategy was
1) Make programs to collect common names, last names, nick names, passwords, keyboard combinations, and words
2) (I created but you could just get it from me I guess) A file that contains common endings to passwords (aka 123->234->345->...->1337->098, etc)
3) Use permutations (which is what I'm doing with the other pass right now) (aka doggy->DoGGY->DOGGY->D0GGY)
4) Combine permutations and common endings

This gets the most thorough coverage of passwords in my opinion. I only have around 2 million something words in my list (relatively small) but with all this above it gets multiplied by a factor of 12(num of per.) * (50)(num of endings).

Oh, and a really, really good tip: use cracked word lists from cracking websites like Opencrack, or milw0rm etc. Those are the backbone of my cracking.

Anyway, if you have any more q's, toss em my way.
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 4:35 am Reply with quote
xxvvyy
Regular user
Regular user
Joined: Feb 04, 2009
Posts: 20




tehhunter wrote:

Anyway, if you have any more q's, toss em my way.


I have a ton now, but my importantly is one off topic.

I am trying to figure out what I'm doing wrong with a variant of waraxes IPB SQL sploit.

I am trying to find the user name that is associated with the password you cracked.

For some reason that sploit is returning syntax errors, even after attempting to correct the situation that waraxe provided.
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 7:16 am Reply with quote
tehhunter
Valuable expert
Valuable expert
Joined: Nov 19, 2008
Posts: 261




xxvvyy wrote:
tehhunter wrote:

Anyway, if you have any more q's, toss em my way.


I have a ton now, but my importantly is one off topic.

I am trying to figure out what I'm doing wrong with a variant of waraxes IPB SQL sploit.

I am trying to find the user name that is associated with the password you cracked.

For some reason that sploit is returning syntax errors, even after attempting to correct the situation that waraxe provided.
Getting the username is simple enough, you just have to know the easy things a board gives you. If you click on a user's profile, then look at the url, you'll notice that the ID number at the top is the same as the one used to extract the hash. I just checked and I think it might be something along the lines of
index.php?showuser=23144 so just try to find it like that, its not hard Smile

* If that type of url above doesn't work for some reason, just manually click on a user's profile and change the url at the top of the screen
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 7:31 am Reply with quote
xxvvyy
Regular user
Regular user
Joined: Feb 04, 2009
Posts: 20




tehhunter wrote:

* If that type of url above doesn't work for some reason, just manually click on a user's profile and change the url at the top of the screen


I'll try that next, but I can't with the way the board is setup with not being able to login in to one of these accounts.

I am learning passwordpro (Hybrid attack) now. Having some troubles. Maybe you can assist?

7377ce08fe232b3d9d605ecfda17df5d:Nou*k
0fa6b5d30c31a119eac4582e894ee8a2:ex&<X
7b59491b6f89a0adf315b73dfc542821:4JJ05
151a0fb2c751bba20c24c379bbdf0e07:Yr]}_
96e8a381cec4458196abb1d8453a3625:[EnHP
b365a5b4802179b588b1fdfaffcbf5b3:KOJ]e
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 3:12 pm Reply with quote
SpyderMonkey
Advanced user
Advanced user
Joined: Dec 20, 2008
Posts: 233




7b59491b6f89a0adf315b73dfc542821 = 6153
View user's profile Send private message
PostPosted: Wed Feb 04, 2009 6:17 pm Reply with quote
tehhunter
Valuable expert
Valuable expert
Joined: Nov 19, 2008
Posts: 261




xxvvyy wrote:
tehhunter wrote:

* If that type of url above doesn't work for some reason, just manually click on a user's profile and change the url at the top of the screen


I'll try that next, but I can't with the way the board is setup with not being able to login in to one of these accounts.

I am learning passwordpro (Hybrid attack) now. Having some troubles. Maybe you can assist?

7377ce08fe232b3d9d605ecfda17df5d:Nou*k
0fa6b5d30c31a119eac4582e894ee8a2:ex&<X
7b59491b6f89a0adf315b73dfc542821:4JJ05
151a0fb2c751bba20c24c379bbdf0e07:Yr]}_
96e8a381cec4458196abb1d8453a3625:[EnHP
b365a5b4802179b588b1fdfaffcbf5b3:KOJ]e
I'll try these, but you can't even register an account yourself?
View user's profile Send private message
PostPosted: Thu Feb 05, 2009 6:56 am Reply with quote
xxvvyy
Regular user
Regular user
Joined: Feb 04, 2009
Posts: 20




tehhunter wrote:
xxvvyy wrote:
tehhunter wrote:

* If that type of url above doesn't work for some reason, just manually click on a user's profile and change the url at the top of the screen


I'll try that next, but I can't with the way the board is setup with not being able to login in to one of these accounts.

I am learning passwordpro (Hybrid attack) now. Having some troubles. Maybe you can assist?

7377ce08fe232b3d9d605ecfda17df5d:Nou*k
0fa6b5d30c31a119eac4582e894ee8a2:ex&<X
7b59491b6f89a0adf315b73dfc542821:4JJ05
151a0fb2c751bba20c24c379bbdf0e07:Yr]}_
96e8a381cec4458196abb1d8453a3625:[EnHP
b365a5b4802179b588b1fdfaffcbf5b3:KOJ]e
I'll try these, but you can't even register an account yourself?


I can register an account, but I need a certain amount of posts to view the members list. I am trying to circumvent this Smile

I did come up with two

edd366a1870ebd085a010e50b65c4ee4:WcUP* = cactus
e4b196cab923d230de2fb52685c61c00:;"8<g = brothers
View user's profile Send private message
PostPosted: Fri Feb 06, 2009 12:40 pm Reply with quote
SpyderMonkey
Advanced user
Advanced user
Joined: Dec 20, 2008
Posts: 233




0fa6b5d30c31a119eac4582e894ee8a2:ex&<X = tankman1
View user's profile Send private message
Proof of Concept (Requesting help with hash/salt)
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.044 Seconds