PRETTY WOMAN WHO LOOKED GOOD WAS

DNB1 · March 2012

^^^interesting.......

IcyLiquid · March 2012

lioness15 wrote: »

IcyLiquid wrote: »

Its more work to crack hashes than to phish, trust me.

hypothetically speaking if you have say a large Rainbow Table and you have the hashes, it wouldn't be very hard or time consuming to crack those hashes using PasswordPro for example.

This is all hypothetical, not that any of this was actually applied on the IC.

How would you account for the salt in this case though? I still feel like hash cracking would be the long way round when compared to phising.

Again though, I'm also only speculating because I was not around, but I have a hard time believing that a Rainbow Table would work as easily as you're saying with salted hashes.

vB's hash algorithm is:

HASH_PASS = MD5 ( CONCAT(md5(PLAIN_PASS), SALT) )

The salt is random per user, so a rainbow table would ... well it just wouldn't work really.

ChasinBenjamins · March 2012

This geek talk ruined the thread smh

IcyLiquid · March 2012

lioness15 wrote: »
IcyLiquid wrote: »
lioness15 wrote: »

IcyLiquid wrote: »

Its more work to crack hashes than to phish, trust me.

hypothetically speaking if you have say a large Rainbow Table and you have the hashes, it wouldn't be very hard or time consuming to crack those hashes using PasswordPro for example.

This is all hypothetical, not that any of this was actually applied on the IC.

How would you account for the salt in this case though? I still feel like hash cracking would be the long way round when compared to phising.

Again though, I'm also only speculating because I was not around, but I have a hard time believing that a Rainbow Table would work as easily as you're saying with salted hashes.

vB's hash algorithm is:
HASH_PASS = MD5 ( CONCAT(md5(PLAIN_PASS), SALT) )
The salt is random per user, so a rainbow table would ... well it just wouldn't work really.
In vbulletin you could get the hash and salt. The salt is random per user, but if you know the value of the salt would be accounted for in the PasswordPro program, thus allowing you to utilize a rainbow table, instead of a dictionary attack or bruteforcing which would have been very time consuming.

Hypothetically speaking one would have been able to gather the hash+salt combos on vbulletin through sql injection.

That does make sense. Was the previous iteration of vB running on this site susceptible to SQL injection attacks? I don't know what version it was.

Pico Roscoe · March 2012

Icy out here phishing you niggas smh

ChasinBenjamins · March 2012

Awww, would u look at that, the IC made a love connection.

JG, Icy, when's the wedding so that I could come through and shoot it up.

Gay nerds.. the fuck is the IC coming to yo?

Du_Du · March 2012

damn son....

there's like......an art to this shit.....

FieldTripsToTheHood · March 2012

this thread is a perfect example of why this site is vulnerable...there is a very frank discussion on how this may have happened and people are ignoring it like its jibberish. It might be... but some quick research into what is being talked about can open a flood of information about this topic.

Nevermind though, your passwords are safe lol.

Elzo69Revolutions · March 2012

* Takes notes*

bankrupt baller · March 2012

if you giving birds bread then let it be in the park

DNB1 · March 2012

smh @ not taking all this shit to PMs.....

thanks....tho...

Cain1 · March 2012

Elzo69Reloaded wrote: »

* Takes notes*

Make sure you check over your notes.

"Even if you have the keys doesn't mean you can drive the car"

Elzo69Revolutions · March 2012

Cain Marko wrote: »

Elzo69Reloaded wrote: »

* Takes notes*

Make sure you check over your notes.

"Even if you have the keys doesn't mean you can drive the car"

"Why would I need keys, if i got autostart...."

Cain1 · March 2012

Word............lol

Du_Du · March 2012

shit was mad educational...

even though i have no idea what the fuck i just learned.....

other than a nigga needa change that password daily...

Cain1 · March 2012

dusouljah wrote: »

shit was mad educational...

even though i have no idea what the fuck i just learned.....

other than a nigga needa change that password daily...

Especially you......smh

IcyLiquid · March 2012

dusouljah wrote: »

other than a nigga needa change that password daily...

No, just don't use a retarded password, and don't get phished, and don't use the same password for a forum as you use for your email.

Du_Du · March 2012

what about Chinese characters???

or is that taking it too far??

DNB1 · March 2012

I'm sorry, but lmao @ Du......hahahahaa

I'm clicking emotion buttons now......smh

riddlerap · March 2012

yeah buddy

Du_Du · March 2012

Dirty Sanchez wrote: »

I gave du a feelings cause he's fat

and i gave you a feelings because that dog is not a natural.......wait what color is that wig??

Du_Du · March 2012

what color is the fucking wig??

Du_Du · March 2012

no bitch he's running....and his adrenaline is up....

he's definitely doing it right......

go play fetch with a stick of dynamite....

Mr. Whatchasay · March 2012

after reading this thread, I'd say hacking is more lame than I thought....what a waste of a life

DNB1 · March 2012

lmao......I dont like c/s'ing retarded niggas like you but this the realest shit you ever wrote.......

AllHipHop.com

Forums

PRETTY WOMAN WHO LOOKED GOOD WAS

Replies