Welcome, Guest
You have to register before you can post on our site.



Search Forums

(Advanced Search)

Forum Statistics
» Members: 1,000
» Latest member: jayshawn
» Forum threads: 84
» Forum posts: 330

Full Statistics

Online Users
There are currently 33 online users.
» 0 Member(s) | 32 Guest(s)

Latest Threads
MDXFind uploading founds
Forum: Application Usage / Bugs
Last Post: jeanvalgean
09-12-2019, 02:22 PM
» Replies: 2
» Views: 8,981
dubsmash hash
Forum: General
Last Post: jeanvalgean
09-12-2019, 07:15 AM
» Replies: 1
» Views: 143
dubsmash hash decrypt hel...
Forum: General
Last Post: jeanvalgean
09-12-2019, 07:14 AM
» Replies: 4
» Views: 3,695
Wordpress hash
Forum: Technical
Last Post: nial
09-08-2019, 08:09 PM
» Replies: 4
» Views: 120
Wordpress hash
Forum: General
Last Post: nial
09-05-2019, 01:26 AM
» Replies: 0
» Views: 206
HIBPv5 Wordlist
Forum: General
Last Post: aedengeo
08-31-2019, 08:14 AM
» Replies: 2
» Views: 391
Help SHA-1 Hash
Forum: General
Last Post: s3in!c
08-27-2019, 04:33 PM
» Replies: 1
» Views: 411
[Ask/Help] Sha1 and Hash ...
Forum: General
Last Post: c0nt4ctu5
08-24-2019, 05:30 AM
» Replies: 1
» Views: 1,619
MD5 help!!
Forum: General
Last Post: lakiacs
08-22-2019, 09:44 PM
» Replies: 0
» Views: 460
000webhost dictionary
Forum: General
Last Post: maryrosie
08-19-2019, 03:23 AM
» Replies: 1
» Views: 22,608

  [ASK] help crack wpa/PMKID
Posted by: gayungan - 01-25-2019, 02:51 AM - Forum: General - No Replies

Help crack PMKID

im sorry if wrong post

Print this item

  Need help with Itunes backup encrypted.
Posted by: mj0098 - 01-01-2019, 05:21 AM - Forum: General - Replies (1)

Recently ran into issues with my phone, had to back it up before restoring it and sending it in for replacing, went to restore my backup to the new phone it asks for a password that I for the love of me cant remember.

Ninety percent of the time I wouldnt care and id just delete the backup and start anew, but my last memories of a loved one that has passed on are in the backup and Id really like to not lose them.

My computer wont support any kind attack, don't have a great gpu or anything, friend pointed me here and said I might be able to find some help. I made it through the steps of exporting the hash information from the manifest.pl if thats any help?

Any responses and any help are greatly appreciated, thank you for reading and have a happy new year.

Print this item

  Life saving hash breaking
Posted by: Rurphev - 12-03-2018, 01:06 PM - Forum: General - Replies (2)

Trying to make a long story short, big pharma screws sick people, by forcing them either to die of treatable diseases, or making them go bankrupt buying expensive medicine to keep alive. Little guy tries to upset the status quo, by using some startup revolutionary software to find safe, cheap new chemical pathways and teaching people how to jury-rig a lab and make their own medicine at home on the cheap-cheap, sidestepping big pharma completely. How does big pharma react to the threat to its business-death-model? It just reaches into its bottomless pockets and buy said startup, shutting out little guy from the software and the data he needs to do life-saving research. So little guy jury-rigged his own software to keep working, but still lacks the data necessary to work.

In a twist of fate, three anonymous whistleblowers published said data to the dark web, but there's a catch! The data is in a password protected https://twitter.com/michaelslaufer/statu...5602768896. Currently there's a https://twitter.com/hammersmith_the/stat...0130651138 on twitter banzai-charging against the hash, by means of a https://docs.google.com/spreadsheets/d/1...sp=sharing, no success up to now.

If somebody here wants to know more, there's https://livestream.com/internetsociety2/.../178392935 for a video where the little guy explains his research. The video seems to be incomplete, but he speaks about the leaked data between 6:00 and 10:05. https://motherboard.vice.com/en_us/artic...collective.

Older video, but complete: https://www.youtube.com/watch?v=Py5TkirrO-U

Most time I feel the world is reduced to a big dumpster fire of a place, but sometimes people like this Laufer guy raise to give me some hope.

Ran the file through zip2john -c, got this:


Print this item

  Does anyone use rainbow tables anymore?
Posted by: 0xdeadbeef - 09-30-2018, 11:26 AM - Forum: General - No Replies

Do you rainbow?

I know it takes a heck of a lot of time to generate decent tables with a very high probability of cracking all the things, and only decent for unsalted hashes, but they can be useful if you can wait a little while.

When hashcat can't try the entire keyspace with a brute-force, because perhaps you don't have enough GPUs for it, or are renting one in the cloud and it's expensive to keep running, maybe rainbow tables have a use-case today for those unsalted hashes.

It could be useful to eventually get all the unfound hashes that are not salted and don't have an iteration count. If there are reasonable assumptions that are correct most of the time. For instance, the charset to use in generating plaintexts and the length of the plaintexts, e.g. just upper, lower, digits, and lengths 8 to 15 for the uncracked pwd.

Print this item

  Kickstarter dump
Posted by: 0xdeadbeef - 09-27-2018, 03:28 AM - Forum: General - Replies (3)

I don't see Kickstarter dump here when I try to search for it in leaks.

Is everyone ignoring this, are the creds stuffed in a larger dump and it doesn't matter, or let's upload this as an individual leak/project and start cracking?

Just wondering. Thanks.

Print this item

  Hash type SHA1(SALTPLAIN) - disqus
Posted by: 0xdeadbeef - 09-24-2018, 03:53 PM - Forum: Technical - Replies (3)

I'm having trouble understanding the SHA1(SALTPLAIN) in disqus dump.

I would normally think the salt, in hex there, would always be divisible by 2 when in hex chars, not an odd number (like five chars). Although I suppose anything is possible.

The first few hashes look really hairy, lots of leading zeros. Reminds me of finding a PoW hash in Bitcoin mining Smile

So can someone help with the disqus format, which looks like this?


... lots of others, all the same. Maybe the salt has been accidentally cut off? Maybe it's encoding the salt in hex improperly? Or am I misinterpreting the hex and it's something else that looks exactly like a hex string?

Is SHA1(SALTPLAIN) the same as hashcat mode 120, i.e. sha1($salt.$pass)? Maybe there's an iteration in there that I'm missing?

Thanks for any help.

Print this item

  Posting links to tools on Github
Posted by: 0xdeadbeef - 09-24-2018, 03:30 AM - Forum: General - Replies (2)

Does anyone post links to tools on GitHub if they might be helpful?

I don't want to post just yet, in case I've missed something like some forum rules.

Some tools I have so far are really simple and easy to use, based on crackstation's tables, and my own python tools for generating new wordlists. I might fork a machine learning tool for password guessing, and train it up on a massive wordlist (rockyou and others) and test it out, if anyone's interested.


Print this item

  Can't upload founds
Posted by: 0xdeadbeef - 09-23-2018, 03:48 PM - Forum: General - Replies (1)

I can't upload any founds.

It tells me I need to be logged in first. I thought I could login with same credentials as here. Not so?

Any help appreciated.

Print this item

  I had to fix up the haskbase list
Posted by: 0xdeadbeef - 09-23-2018, 03:10 PM - Forum: Technical - Replies (2)

The hackbase list of hashes that were not yet cracked had some issues, with invalid tokens and missing separator for those with no salts.

I fixed them up and got a few hashes. Only got 17 of them with vBulletin < v3.8.5, hashcat mode 2611 once they were fixed up.

If there's no salt, add the colon. For some reason the hashes sometimes had ' on the end before the colon, which gave it an invalid token length. Once they were removed, and colons added for those without salts, there were no issues with invalid formatting.

Fixed hackbase list on request.

Print this item

  Supported hash type
Posted by: freeroute - 06-29-2018, 08:44 AM - Forum: Technical - Replies (2)

Hash type: md5($salt.sha1($salt.$pass)) supperted by mdxfind?


Print this item