vb.org Archive
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)
-   -   Cracking the MD5 passwords? (https://vborg.vbsupport.ru/showthread.php?t=137897)

Jorrit787 01-30-2007 02:37 AM
Quote:
Originally Posted by Snake (Post 1170270)
So I will be getting into trouble and not them since they are the ones who go around forums and hack them up? That's pathetic!
At the most you will BOTH be getting into trouble.

Snake 01-30-2007 02:43 AM
Well, as long as their site goes six feet down with the fishes, then I'm fine with that. :D

Artificial_Alex 01-30-2007 02:45 AM
It is very possible. I know a vB forum owner that uses vB that exploited vB by some how decrypting the md5 hash's to login to their members accounts on sites like theirs [Cheating sites] to stuff it up..:/

I would snitch on them, But Idon't have anything againest them. ;p

Adrian Schneider 01-30-2007 02:57 AM
Alter the JS login code that hashes the password to also send the password in plaintext to the webserver (would require them to login again).

My suggestion is to just ban the users and tighten up security on your end. Stooping to their level is a bad idea.

Artificial_Alex 01-30-2007 03:18 AM
Don't take me wrong, he's a godly programmer, you wouldn't wanna mess with him, and just now, Here, I got his program:
I first madea encrypted password, to put in the program, thus why I left the background site open that shows me getting the code [like since I didn't wanna exploit members passwords on Gaminggutter :P ]

http://img266.imageshack.us/img266/4950/pwnedmd5oq9.jpg

SirAdrian, you sir, have been pwned.

Adrian Schneider 01-30-2007 03:30 AM
lol... how have I been "pwned"? Go ahead and crack a vBulletin password with that. You know the format. Three "a"s hardly count. Remember that the "salt" does not only contain alpha-numerical characters either, and your password length will have to be ~ 35 chars.

Artificial_Alex 01-30-2007 03:31 AM
Ok, give me a hash with a decent ammount of letters and numbers and other chars. :)

Adrian Schneider 01-30-2007 03:34 AM
Use your own forum...

You could also increase the salt size to 12 characters, which would greatly strengthen the password.

This is irrelevant. I don't see what this has to do with his problem? If the hacker already has access to his DB, why does he need password?

Edit: "f2a92998aecb1b0ad28b6d6a4a6df1e1"

Go nuts :)

Snake 01-30-2007 03:41 AM
Quote:
Originally Posted by Artificial_Alex (Post 1170278)
It is very possible. I know a vB forum owner that uses vB that exploited vB by some how decrypting the md5 hash's to login to their members accounts on sites like theirs [Cheating sites] to stuff it up..:/


I would snitch on them, But Idon't have anything againest them. ;p
Do you have any further information on that forum please? I'd like to know more about them or how can I get in contact with the owner. :)

Quote:
Originally Posted by SirAdrian (Post 1170280)
Alter the JS login code that hashes the password to also send the password in plaintext to the webserver (would require them to login again).

My suggestion is to just ban the users and tighten up security on your end. Stooping to their level is a bad idea.
I don't think that would be enough.

Brandon Sheley 01-30-2007 03:54 AM
I'm surprised the staff here is letting a thread go with a user asking how to exploit vBulletin :O


All times are GMT. The time now is 09:51 AM.
Page 2 of 3 1 2 3
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01038 seconds
  • Memory Usage 1,738KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (3)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (10)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • pagenav_page
  • pagenav_complete
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete