vb.org Archive - Is there a hack to let me see users passwords

Page 3 of 4

Show 40 post(s) from this thread on one page

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 Programming Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=15)

- - Is there a hack to let me see users passwords (https://vborg.vbsupport.ru/showthread.php?t=162807)

Opserty

11-17-2007 02:35 PM

Quote:

Originally Posted by jambo310 (Post 1384015)

Well about 1.5 year ago my friend signed up on a forum for psp games and then his computer got hacked, it took him ages to save back up for a nice new laptop,

His computer got hacked so he brought a new one?! That made me LOL! Does he really know nothing about computers :p

Quote:

he used a froum master pass which he forgpt and since i recently became and admin on that and befroe that bought my own vbullletin site he thought I could help him

If only people learnt to read the "Forgotten Password" text. Oh wait isn't it displayed on every failed login page?

Quote:

You have entered an invalid username or password. Please press the back button, enter the correct details and try again. Don't forget that the password is case sensitive. Forgotten your password? Click here!

You have used 1 out of 5 login attempts. After all 5 have been used, you will be unable to login for 15 minutes.

Hmmmm something doesn't smell right. :confused:

jambo310

11-17-2007 03:33 PM

cool so ill they send him his pass via email?

--------------- Added [DATE]1195320984[/DATE] at [TIME]1195320984[/TIME] ---------------

oh wait this happens when i click send pass to email for his account:
The requested URL /login.php was not found on this server.

--------------- Added [DATE]1195321122[/DATE] at [TIME]1195321122[/TIME] ---------------

and he says this doesnt send him his odl pass which is what he wants

Analogpoint

11-17-2007 03:50 PM

Quote:

Originally Posted by Marco van Herwaarden (Post 1384217)

PS If you think rainbow tables is the solution, then you can forget it. ;)

No, I don't have time to d/l 60 gigs of rainbow tables. :)

m002.p

11-17-2007 05:29 PM

Whoever thinks they can get users passwords after encryption must have some talent, as far as I know its virtually impossible & if someone has worked that out it would have taken some time & effort to do so which worries me as why would someone go to that trouble? I really wouldnt want to know either. All i would say is that if I was the persons user of the forum, I would be seriously concerned.

Opserty

11-17-2007 05:31 PM

Quote:

Originally Posted by jambo310 (Post 1384431)

and he says this doesnt send him his odl pass which is what he wants

You can't you only have the option to reset passwords. Why do you need to know the exact old password anyway? All options will be available by resetting the password.

jambo310

11-17-2007 08:05 PM

nah cos he used it for like all the forums then he had one for games on one for ebay, amazon ect. so he asked me to get it for him but nvm lol this seems to have caused to much contorversey

Ba$im

11-17-2007 08:41 PM

I try do that
It work if password was english
go to phpmyadmin
then open user table you will find password as MH5
all what you need know convert it from mh5 to real entry
there are many tool crack mh5 try google

as I say I try this with english just

and maybe not work now

jambo310

11-17-2007 10:00 PM

ok so can anyone recomend a good tool to crack this?

BTW this is what my password file says:
password varchar(50) latin1_swedish_ci No

--------------- Added [DATE]1195344312[/DATE] at [TIME]1195344312[/TIME] ---------------

wait ok so i see his pass it is something like this:
cfed53f0c485700bd1e717160ec4499f

how can i turn this into real letters?

Andrew Green

11-17-2007 11:19 PM

Quote:

Originally Posted by jambo310 (Post 1384636)

You seem to be missing what everyone is saying. You cannot. What is stored is not the password, not really even a encrypted version of the password, but a hash of it. This is a one way function, you cannot recover the text based on it.

unknownkind

11-18-2007 02:51 AM

Heres a suggestion.. Which may help you.. where the forms are for user login why not just add another function that records what they entered if everything validates as true?

All times are GMT. The time now is 02:52 PM.

Page 3 of 4

Show 40 post(s) from this thread on one page

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.01680 seconds Memory Usage 1,739KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (6)bbcode_quote_printable (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)pagenav (1)pagenav_curpage (3)pagenav_pagelink (1)post_thanks_navbar_search (1)printthread (10)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start pagenav_page pagenav_complete bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: