vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   Community Lounge (https://vborg.vbsupport.ru/forumdisplay.php?f=13)
-   -   Something on dupeip.php (https://vborg.vbsupport.ru/showthread.php?t=53943)

Preech 06-06-2003 09:03 PM
Something on dupeip.php
 
Since this doesnt have anything to do with hacking....

on the dupeip.php where it shows the users password all encoded-like

is there any way to decipher that? I had a guy who lost his password and he wanted me to just get it for him and i couldn't i didn't know if there was a way to do so...

N9ne 06-06-2003 09:22 PM
No. All he has to do is get his pass reset and emailed to him, or you can change his password from the AdminCP and tell him his new password. md5 technology is used to hash passwords in vBulletin, and it will take months and lots of CPU power to crack just one hash...

Xenon 06-06-2003 09:37 PM
hash algorithms are not reversable, it's mathmatically impossible

Erwin 06-07-2003 12:37 AM
Quote:
Today at 08:37 AM Xenon said this in Post #3
hash algorithms are not reversable, it's mathmatically impossible

Yes, for you, for maths geniuses like me, it's not a problem.

"1 plus 1 equals... 2!!!"

;)

Hobbes 06-07-2003 02:34 AM
Quote:
Today at 06:37 PM Erwin said this in Post #4
Yes, for you, for maths geniuses like me, it's not a problem.

"1 plus 1 equals... 2!!!"

;)

LoL Erwin...funny :D

Xenon 06-07-2003 08:41 AM
*ggg* Erwin i doubt anyone would use +1 as a hash algorithm ;)

But you're right, i wasn't exactly enough:
good hash algorithms are not reversable :)

Dan 06-07-2003 01:36 PM
I thought anything done in math is reversable if you know how to do it....

colicab-d 06-07-2003 01:46 PM
yeah but if something insane like a super computer has generated it then god help a home pc...

i think it takes like 2weeks high cpu usage ona 2ghz p4 to decifer a 5 letter md5 password, or so scott was saying..

N9ne 06-07-2003 01:57 PM
and vBulletin uses, what, 16 bit strings for md5?

Xenon 06-07-2003 02:03 PM
@Oricon:

PHP Code:
$x=2;
$y=2;
echo $x+$y
this will output 4, but if you just hav the 4 you cant say what x and y have been, 1+3 is also 4 :)

Dan 06-07-2003 02:12 PM
/me shuts up and walks away quitely

SharronH 07-27-2003 01:37 AM
Quote:
06-07-03 at 03:46 PM colicab-d said this in Post #8
yeah but if something insane like a super computer has generated it then god help a home pc...

i think it takes like 2weeks high cpu usage ona 2ghz p4 to decifer a 5 letter md5 password, or so scott was saying..

Actually, it only takes <1 minute to decode the 5-letter md5 password on my supercomputer.

filburt1 07-27-2003 02:08 AM
However, it took you 1.5 months to reply to this post :)

Chris M 07-27-2003 09:38 AM
LMAO:p

AFAIK md5 hashes are impossible to decrypt, and also now that vB3 is here, one md5 hash won't work on another site;)

Satan

filburt1 07-27-2003 12:50 PM
Modulus division (the remainder of a division) is irreversible. :)

SharronH 07-28-2003 09:50 AM
Quote:
Yesterday at 04:08 AM filburt1 said this in Post #13
However, it took you 1.5 months to reply to this post :)

Unfortunately, I have a life and I don't hang out on forums everyday unlike some people :)

SharronH 07-28-2003 09:57 AM
Quote:
Yesterday at 11:38 AM hellsatan said this in Post #14
LMAO:p

AFAIK md5 hashes are impossible to decrypt, and also now that vB3 is here, one md5 hash won't work on another site;)

Satan

Every encryption & hashing algorithm has a weak point which can be exploited. I work for a security company that deals with encryption/decryption/krytology related technology and I know for a fact that MD5 hashing isn't as secure as people are taught to believe. If you still think MD5 is secure, then give me an MD5 hash and I'll give you the password in plain text. It's easy to reverse the process md5 hashing process and get the real password or a collision (different pass but same md5 hash).

Xenon 07-28-2003 10:14 AM
Quote:
then give me an MD5 hash and I'll give you the password in plain text
That's impossible and if you are working on a sec company you should know it.

Quote:
get the real password or a collision (different pass but same md5 hash)
Now here you are right, as it's a hashing algorithm you can find collisions which have the same md5 hash, but it's absolutely impossible to say if it was the original pw or not


All times are GMT. The time now is 02:25 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.

X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01109 seconds
  • Memory Usage 1,753KB
  • Queries Executed 10 (?)
More Information
Template Usage:
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)bbcode_php_printable
  • (7)bbcode_quote_printable
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_navbar_search
  • (1)printthread
  • (18)printthreadbit
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • showthread
Included Files:
  • ./printthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/class_bbcode_alt.php
  • ./includes/class_bbcode.php
  • ./includes/functions_bigthree.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • printthread_start
  • bbcode_fetch_tags
  • bbcode_create
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • printthread_post
  • printthread_complete