The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#11
|
||||
|
||||
If he got access to the database, he could just create a new account with Admin access if he wanted. Or he could temporarily change the password of your moderator.
You have more problems to worry about than a moderator's account. |
#12
|
|||
|
|||
Create a test account and provide your firend with the hash. Ask him to provide the real password.
|
#13
|
|||
|
|||
Cracking hashes is pretty easy if you know what are you doing...
see this for examples... https://vborg.vbsupport.ru/showthread.php?t=199526 |
#14
|
|||
|
|||
Err, you are ALL wrong!
Cracking vBulletin hash's and salts is extremely easy. All you need to know, is the hash format, which is: MD5(MD5(password).salt) People load a dictionary, set it to dictionary mode, load the user: password:email list, and within seconds, all the easy passwords are cracked. Leave it an hour or so and the more difficult passwords are cracked. If the rest aren't cracked by the end, changes are they're using an extremely hard password. Make sure you use a combination of lowercase, higher case, numbers, letters, and special characters when you generating a password: Example: ()Q@[]4[[!*^Yejfbn f(@344{P}{(*&@ - Virtually impossible to brute & dictionary attack. Cheers |
#15
|
||||
|
||||
That is assuming the attacker knows the salt.
|
#16
|
|||
|
|||
The salt hash is IN the database marked under "salt".
If they have the database, they have the salt, email, and basically every single bit of info displayed on the website. Cheers, |
#17
|
||||
|
||||
Exactly!!
|
Thread Tools | |
Display Modes | |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|