Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





Search Forums

(Advanced Search)

Forum Statistics
» Members: 830
» Latest member: Maxer18
» Forum threads: 76
» Forum posts: 307

Full Statistics

Online Users
There are currently 12 online users.
» 1 Member(s) | 11 Guest(s)
Maxer18

Latest Threads
help me please...
Forum: General
Last Post: al1ne3737
06-05-2019, 07:38 PM
» Replies: 0
» Views: 341
[Ask/Help] Sha1 and Hash ...
Forum: General
Last Post: tablesecurity
06-03-2019, 08:56 PM
» Replies: 0
» Views: 323
$HEX - Plains inside foun...
Forum: Technical
Last Post: s3in!c
05-13-2019, 11:08 AM
» Replies: 1
» Views: 1,543
WPA |Does any1 crack them...
Forum: General
Last Post: mysterdee888
04-19-2019, 02:57 PM
» Replies: 0
» Views: 967
dubsmash hash decrypt hel...
Forum: General
Last Post: midireprivada
04-10-2019, 07:29 PM
» Replies: 2
» Views: 1,673
Suggestions for Massive C...
Forum: General
Last Post: jfoster
04-10-2019, 02:31 AM
» Replies: 0
» Views: 1,058
hash cracking on SBCs
Forum: Application Usage / Bugs
Last Post: DerpUP
03-31-2019, 07:31 PM
» Replies: 0
» Views: 722
myheritage hash decrypt h...
Forum: General
Last Post: beaverfever
03-14-2019, 03:33 AM
» Replies: 3
» Views: 2,091
[ASK/HELP] What kind of H...
Forum: General
Last Post: superherolarry
02-27-2019, 10:52 PM
» Replies: 4
» Views: 2,611
Hashes.Org Left Manager (...
Forum: General
Last Post: s3in!c
02-27-2019, 04:53 PM
» Replies: 17
» Views: 50,740

 
  Solving Junk Founds
Posted by: Caseynova - 02-18-2019, 03:44 AM - Forum: General - Replies (3)

I've been doing some analysis of the founds and in particular the "junks". Quite a lot of these are just misdiagnosed original hashes and can still be solved.

E.g. a MD5X2 hash has been cracked as MD5, giving the "inner" MD5 hash as the "password" which then gets identified as a junk result. 

Now I'm happy to clean up the "junk" and in the example above, recrack the original hash as MD5X2, but my question is, whether once flagged as "found", a new upload will overwrite the currently incorrect algorithm and password?

Print this item

Exclamation Forum Rules
Posted by: s3in!c - 02-15-2019, 05:59 PM - Forum: General - No Replies

Not respecting the rules can lead to instant ban or warnings, depending on the type of violation. The rules might be updated without explicitly notifying the user.

We are not a hacking site. Requests dealing with anything potentially illegal or questionable material will be dealt with accordingly.

  • No double posting or unnecessary bumping.
  • Do not post any personal details, always mask specific data (IPs, names, etc.).
  • Only post hash cracking request for hashes which are not supported by Hashes.org automatically.
  • No thread hijacking.
  • Language is English, posts in other languages will be removed.
  • Describe problems/questions appropriately and name your topic accordingly (also no caps lock texts).
  • No advertising/selling/spam topics.
  • When having large text files (e.g. logs) don't put them in the text, use attachments instead.

Print this item

  [ASK] help crack wpa/PMKID
Posted by: gayungan - 01-25-2019, 02:51 AM - Forum: General - No Replies

Help crack PMKID
1-db16cec1e1f0496b037ea39c109c065c*289e97f256ec*205ef7e8cdee*4661726f75715f6f7669<br/>
2-449ba074be85c5c89dc0322dafdc94d2*14a0f8f72f88*b4cb577117ed*43414c4c49535441<br/>

im sorry if wrong post

Print this item

  Need help with Itunes backup encrypted.
Posted by: mj0098 - 01-01-2019, 05:21 AM - Forum: General - Replies (1)

Recently ran into issues with my phone, had to back it up before restoring it and sending it in for replacing, went to restore my backup to the new phone it asks for a password that I for the love of me cant remember.

Ninety percent of the time I wouldnt care and id just delete the backup and start anew, but my last memories of a loved one that has passed on are in the backup and Id really like to not lose them.

My computer wont support any kind attack, don't have a great gpu or anything, friend pointed me here and said I might be able to find some help. I made it through the steps of exporting the hash information from the manifest.pl if thats any help?

Any responses and any help are greatly appreciated, thank you for reading and have a happy new year.

Print this item

  Life saving hash breaking
Posted by: Rurphev - 12-03-2018, 01:06 PM - Forum: General - Replies (2)

Trying to make a long story short, big pharma screws sick people, by forcing them either to die of treatable diseases, or making them go bankrupt buying expensive medicine to keep alive. Little guy tries to upset the status quo, by using some startup revolutionary software to find safe, cheap new chemical pathways and teaching people how to jury-rig a lab and make their own medicine at home on the cheap-cheap, sidestepping big pharma completely. How does big pharma react to the threat to its business-death-model? It just reaches into its bottomless pockets and buy said startup, shutting out little guy from the software and the data he needs to do life-saving research. So little guy jury-rigged his own software to keep working, but still lacks the data necessary to work.

In a twist of fate, three anonymous whistleblowers published said data to the dark web, but there's a catch! The data is in a password protected https://twitter.com/michaelslaufer/statu...5602768896. Currently there's a https://twitter.com/hammersmith_the/stat...0130651138 on twitter banzai-charging against the hash, by means of a https://docs.google.com/spreadsheets/d/1...sp=sharing, no success up to now.

If somebody here wants to know more, there's https://livestream.com/internetsociety2/.../178392935 for a video where the little guy explains his research. The video seems to be incomplete, but he speaks about the leaked data between 6:00 and 10:05. https://motherboard.vice.com/en_us/artic...collective.

Older video, but complete: https://www.youtube.com/watch?v=Py5TkirrO-U

Most time I feel the world is reduced to a big dumpster fire of a place, but sometimes people like this Laufer guy raise to give me some hope.

Ran the file through zip2john -c, got this:

reaxys.tar/reaxys.arff:$pkzip2$1*1*1*0*8*24*0fbd*75aa*412708a72473c976384766d0bacbfb959df43c616a2270c61fff60ca8252e9ca1b9de7f6*$/pkzip2$:reaxys.arff:reaxys.tar</r>

Print this item

  Does anyone use rainbow tables anymore?
Posted by: 0xdeadbeef - 09-30-2018, 11:26 AM - Forum: General - No Replies

Do you rainbow?

I know it takes a heck of a lot of time to generate decent tables with a very high probability of cracking all the things, and only decent for unsalted hashes, but they can be useful if you can wait a little while.

When hashcat can't try the entire keyspace with a brute-force, because perhaps you don't have enough GPUs for it, or are renting one in the cloud and it's expensive to keep running, maybe rainbow tables have a use-case today for those unsalted hashes.


It could be useful to eventually get all the unfound hashes that are not salted and don't have an iteration count. If there are reasonable assumptions that are correct most of the time. For instance, the charset to use in generating plaintexts and the length of the plaintexts, e.g. just upper, lower, digits, and lengths 8 to 15 for the uncracked pwd.

Print this item

  Kickstarter dump
Posted by: 0xdeadbeef - 09-27-2018, 03:28 AM - Forum: General - Replies (3)

I don't see Kickstarter dump here when I try to search for it in leaks.

Is everyone ignoring this, are the creds stuffed in a larger dump and it doesn't matter, or let's upload this as an individual leak/project and start cracking?

Just wondering. Thanks.

Print this item

  Hash type SHA1(SALTPLAIN) - disqus
Posted by: 0xdeadbeef - 09-24-2018, 03:53 PM - Forum: Technical - Replies (3)

I'm having trouble understanding the SHA1(SALTPLAIN) in disqus dump.

I would normally think the salt, in hex there, would always be divisible by 2 when in hex chars, not an odd number (like five chars). Although I suppose anything is possible.

The first few hashes look really hairy, lots of leading zeros. Reminds me of finding a PoW hash in Bitcoin mining Smile

So can someone help with the disqus format, which looks like this?

Code:
4d58c8aad8de711a3c2a353ba9d7434d20f2d4ad:5159d
4d58d010ce49e8221933b97757ae906a927a770f:977b3
4d58d0398e648eaf21e68091d88eea31e1cdfbc4:c7204
4d58d6a15096e086f13a9a5cecf32adcf701c3a3:30007
4d58d810e17dad199d31aa9187c63fb4b996955c:59b99
4d58d82cd38d60ef0deda2995be49529386a48af:ce857
4d58d857632b6e19895deec05bb905b7a6bff875:a2a17

... lots of others, all the same. Maybe the salt has been accidentally cut off? Maybe it's encoding the salt in hex improperly? Or am I misinterpreting the hex and it's something else that looks exactly like a hex string?

Is SHA1(SALTPLAIN) the same as hashcat mode 120, i.e. sha1($salt.$pass)? Maybe there's an iteration in there that I'm missing?

Thanks for any help.

Print this item

  Posting links to tools on Github
Posted by: 0xdeadbeef - 09-24-2018, 03:30 AM - Forum: General - Replies (2)

Does anyone post links to tools on GitHub if they might be helpful?

I don't want to post just yet, in case I've missed something like some forum rules.

Some tools I have so far are really simple and easy to use, based on crackstation's tables, and my own python tools for generating new wordlists. I might fork a machine learning tool for password guessing, and train it up on a massive wordlist (rockyou and others) and test it out, if anyone's interested.

Thanks.

Print this item

  Can't upload founds
Posted by: 0xdeadbeef - 09-23-2018, 03:48 PM - Forum: General - Replies (1)

I can't upload any founds.

It tells me I need to be logged in first. I thought I could login with same credentials as here. Not so?

Any help appreciated.

Print this item