Please ask questions ONLY in this topic.

Re: Please ask questions ONLY in this topic.

Post by fashizzlepop on Fri Dec 31, 2010 8:00 pm
([msg=51436]see Re: Please ask questions ONLY in this topic.[/msg])

I believe the mission tells you it uses an older encryption method. Ie. Newer than md5.

EDIT: Found it
When I hacked them I noticed everything they used was 10 years out of date and the new password seems to be a 'message digest'.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by bsmartt on Sun Jan 02, 2011 3:47 pm
([msg=51562]see Re: Please ask questions ONLY in this topic.[/msg])

I've been working on this one for a full day now.... Last night before I went to sleep I found some guy who wrote a brute-force md5 cracker in python. Great I thought, this is just what I need.... I used a-z, A-Z, and 0-9 as my char set (which this program takes as a cmd line arg). For some reason though it's including !@#$%^&*()_:;?/>< in the char set which is obviously making it take foreeeever. It's still running right now (~15 hrs later) and my computer is hot as hell. I'm getting impatient and looking for other ways to crack this code, I only have access to linux and mac os, so cain is not an option (blasted windows apps!!). I've been looking into using john the ripper, but I'm having trouble getting it to run... can a JTR pro help me get it working? Or a unixbeard to suggest a different app that might work better for me?

I used vim to make a file containing the md5 (I think/hope it actually is an md5), called a.in and am now trying to run JTR with:
./john a.in
but it exits immediately and tells me "No password hashes loaded".
bsmartt
New User
New User
 
Posts: 1
Joined: Sat Jan 01, 2011 4:47 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by fashizzlepop on Sun Jan 02, 2011 11:12 pm
([msg=51578]see Re: Please ask questions ONLY in this topic.[/msg])

bsmartt wrote:(I think/hope it actually is an md5)

Haha, read the above posts.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by WestHFR on Fri Jan 14, 2011 8:01 pm
([msg=52187]see Re: Please ask questions ONLY in this topic.[/msg])

Well, I found the hash in just a few seconds. That part was easy if you know anything about website/google. However, trying to find a good hash cracker was a pain, and took awhile. I don't run Windows on any of my computers, they are all Ubuntu except for my *laptop* which run Backtrack 4-r2. Anyways, for others out there that have Linux the best cracker for this hash in my opinion, is lcrack "Lepton's Crack". It is the only thing I could find that would/could crack this type of hash. John the Ripper by default wont work. You have to add modules for the MD* hash type, where lcrack just works.
http://usuarios.multimania.es/reinob/

It's as simple as:
lcrack -m m** -xb+ -o CrackedPass.txt TheHash.txt

Where -m is the hash method, md4, md5, sha1, and so on.
-xb+ Means run incremental (brute-force) mode.
-o is the file to output the Cracked Password to.
TheHash.txt is the file you put the hash in you want to crack.

It took me about 10 seconds to crack it.

idk if this is a spoiler or not, if so someone please remove it. However, for it to work you have to add a username before the hash. Otherwise it doesn't recognize it as a hashed password.
WestHFR
New User
New User
 
Posts: 2
Joined: Sun Jan 09, 2011 7:29 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by HepapatitiS on Thu Jan 20, 2011 2:10 am
([msg=52490]see Re: Please ask questions ONLY in this topic.[/msg])

This is personal opinion: Stop using JTR for this mission and use Cain&Abel!

When using Cain&Abel, under Crack category, you have to try which Hashes work.
If it takes you more than at max 20secs, abandon it and move to the next Hashes.

Trust me, it works for Cain&Abel, I just got it right..
HepapatitiS
New User
New User
 
Posts: 2
Joined: Wed Jul 08, 2009 8:45 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by warlock_flash on Thu Jan 20, 2011 7:50 am
([msg=52502]see Re: Please ask questions ONLY in this topic.[/msg])

:geek: guys this one's pretty easy as cain & abel does it all for u...
U crack this the moment u get the hash... nothing much to left...
Its MD4
U don't even need to mess up much with the settings...
warlock_flash
New User
New User
 
Posts: 1
Joined: Thu Jan 20, 2011 7:43 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by fashizzlepop on Fri Jan 21, 2011 4:02 pm
([msg=52585]see Re: Please ask questions ONLY in this topic.[/msg])

HepapatitiS wrote:This is personal opinion: Stop using JTR for this mission and use Cain&Abel!

Yeah, exactly, you just guessed which one it was. The mission info is pretty clear so you can deduce the right hash.

JTR is a great tool.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by n00bday on Wed Feb 23, 2011 1:41 pm
([msg=54120]see Re: Please ask questions ONLY in this topic.[/msg])

Hello,
I've seen numerous "Cain & Abel" suggestions, but I use linux. I've tried brute-forcing and dictionary-attacking with John the Ripper, but I'm pretty sure that the hash used isn't supported by JTR (MDx we'll call it). Does anyone have any suggestions or know of a site that has the source for C&A? If so I could just compile it and use it.

EDIT: Sorry being an asshat. I should've searched the topic for "linux" first. ;)
n00bday
New User
New User
 
Posts: 4
Joined: Wed Feb 23, 2011 1:38 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by fashizzlepop on Wed Feb 23, 2011 4:15 pm
([msg=54132]see Re: Please ask questions ONLY in this topic.[/msg])

Cain & Abel was built with Windows in mind, you wouldn't be able to just compile it on *nix.

I suppose you figured it out?
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by n00bday on Wed Feb 23, 2011 4:23 pm
([msg=54133]see Re: Please ask questions ONLY in this topic.[/msg])

Yeah, I figured it out. I just used lcrack instead, though many have said running C&A with wine is possible. I'm just not a fan of using wine to run windows progs when I can find a native alternative.
n00bday
New User
New User
 
Posts: 4
Joined: Wed Feb 23, 2011 1:38 pm
Blog: View Blog (0)


PreviousNext

Return to (Real 5) Damn Telemarketers!

Who is online

Users browsing this forum: No registered users and 0 guests