FRIHOST • FORUMS • SEARCH • FAQ • TOS • BLOGS • COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Are u up for the hack? - MD5 with salt





animassacre
I'm not sure if this is the place for the post Smile


ok i'm trying to hack a WiFi network and i guess it's not very secure(i'm sure there's other way to hack in), but here's what i gathered:


document.sendin.password.value = hexMD5('\362' + document.login.password.value + '\355\142\060\061\050\003\014\047\056\141\040\151\063\314\340\213');

&password=d579138820616ff2cba6bca323804045

i can't find a program in which i can setup a MD5 brute force masked attack for hash with SALT + PASS + OTHERSALT as it is in this case:

salt:'\362'
+the pass+
salt2:'\355\142\060\061\050\003\014\047\056\141\040\151\063\314\340\213'

PS: i can write the program in JavaScript, it will be the fastest bruteforce attack,ever Very Happy
brokenadvice
If you have the hash (I don't know javascript that well this is just an outline)


Code:

Initialize loop

Load random word from dictionary = firstword
Load second word from dictionary = secondword

if: _Thehash_ == hexMD5( 1st salt + firstword + secondword + second hash);
break loop;

msg(hexMD5( 1st salt + firstword + secondword + second hash);

else Continue loop



I guess that makes sense :slightly confused:
animassacre
i was kidding about the JavaScript Smile

Though it is a good idea to use dictionary attack and it will be convinient to use JS (sense JS is use for generating the hash).

But i want to make a bruteforce attack, but couldn't find a program in which u can set a mask like this. More over, this "hex"MD5 makes me wonder Confused
brokenadvice
Wait, do you have the hash of the correct password?
animassacre
brokenadvice wrote:
the correct password?

&password=d579138820616ff2cba6bca323804045





-
brokenadvice
Then try:

Code:
document.sendin.password.value = d579138820616ff2cba6bca323804045



Just substitute the right hash for the generated hash in the DOM
animassacre
no I guess i missunderstanded u

this is the hash with salt
AftershockVibe
You can brute force it but it would need to be left running for several days and that's assuming the password is about 7 chars long and only lowercase letters.
Bones
I am assuming he is trying to hack the WEP key which is 26 characters Hex

Although, I suppose hacking the router, changing the password and then using mac filtering to cut off the target's computers might be kinda fun.
animassacre
Bones wrote:
I am assuming he is trying to hack the WEP key which is 26 characters Hex

Although, I suppose hacking the router, changing the password and then using mac filtering to cut off the target's computers might be kinda fun.



nope, i'm not
Jimmy_666
Excuseme but, How did you get the hash of password?
Related topics
which kind of browser do u use
Why not have a report button??
Which kind of board do u like??
Taiwan- China or U.S.
Kullanım Şartları
What games our you looking foward to?
İstanbul Forumu
.hack//
MD5...
PHP Hashing and Salting
Phpnuke Security Script :>
enter "The World" of .hack
.hack//G.U.
Türk Hackerler Çin seddine dayandi
Reply to topic    Frihost Forum Index -> Computers -> Computer Problems and Support

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.