Welcome, Guest
You have to register before you can post on our site.

Username
  

Password
  





Search Forums

(Advanced Search)

Forum Statistics
» Members: 842
» Latest member: BeckySpencer
» Forum threads: 76
» Forum posts: 307

Full Statistics

Online Users
There are currently 13 online users.
» 0 Member(s) | 12 Guest(s)
Bing

Latest Threads
help me please...
Forum: General
Last Post: al1ne3737
06-05-2019, 07:38 PM
» Replies: 0
» Views: 461
[Ask/Help] Sha1 and Hash ...
Forum: General
Last Post: tablesecurity
06-03-2019, 08:56 PM
» Replies: 0
» Views: 401
$HEX - Plains inside foun...
Forum: Technical
Last Post: s3in!c
05-13-2019, 11:08 AM
» Replies: 1
» Views: 1,633
WPA |Does any1 crack them...
Forum: General
Last Post: mysterdee888
04-19-2019, 02:57 PM
» Replies: 0
» Views: 1,062
dubsmash hash decrypt hel...
Forum: General
Last Post: midireprivada
04-10-2019, 07:29 PM
» Replies: 2
» Views: 1,811
Suggestions for Massive C...
Forum: General
Last Post: jfoster
04-10-2019, 02:31 AM
» Replies: 0
» Views: 1,154
hash cracking on SBCs
Forum: Application Usage / Bugs
Last Post: DerpUP
03-31-2019, 07:31 PM
» Replies: 0
» Views: 793
myheritage hash decrypt h...
Forum: General
Last Post: beaverfever
03-14-2019, 03:33 AM
» Replies: 3
» Views: 2,235
[ASK/HELP] What kind of H...
Forum: General
Last Post: superherolarry
02-27-2019, 10:52 PM
» Replies: 4
» Views: 2,766
Hashes.Org Left Manager (...
Forum: General
Last Post: s3in!c
02-27-2019, 04:53 PM
» Replies: 17
» Views: 50,998

 
  "salted hashes" separate upload please????
Posted by: tibit - 01-01-2017, 03:18 PM - Forum: General - Replies (1)

Hi all,

Hashes.org asks you to upload the hashes without salts ... but this is wrong!!! when it comes to 'salted hashes'.

It will only handle salted hashes if you do upload in the hash : salt format

I see loads of vbuletin, IPB and Joomla, all lacking there salts and therefore unsolvable!

So my wish for 2017:

People please do upload the salts when the hashes are salted hash!!! (hash : salt)
Seinic, please make a separate upload item where people can upload there salted hashes

I really hope this can be done in 2017!!

Thanks a lot and wish you all a happy 2017

tibit

Print this item

  Hashey.org My Searches page is empty
Posted by: freeroute - 12-05-2016, 05:32 PM - Forum: Technical - Replies (2)

Hi,

Login to hashes.org and navigate to >> Lists >> My Searches web page.
I got an empty page. Everything was fine before last week. Something happened, I could not see my lists.

Could you help me?
Thank you in advance.

Print this item

  Bulk submit API would be more efficient, lead to higher request/min cap maybe
Posted by: perfectfire - 09-21-2016, 04:38 PM - Forum: Technical - No Replies

So currently I've been developing a script to check my found hashes using the API and I noticed that a lot of the packets for a single API query are for establishing a TLS connection:
[Image: gutBXFk.png]

Notice there's only two packets for sending data out of the 41 packets for the entire session for a single query. If we had a bulk submit API where we could send 20/30/40 queries in a single request that would remove most of the overhead of 39 packets/per query for establishing and closing a connection. Instead it would be 39 packets per 20/30/40 queries. This would alleviate some of the load on the API server and maybe the cap could be increased from 20/min to 30 or 40 per minute.

It's just a suggestion. I'd do it myself if I could Wink

Print this item

  Some observations on the Myspace dump
Posted by: frekvent - 07-04-2016, 08:07 PM - Forum: General - Replies (1)

Now that the Myspace dump is public, it might be interesting to add
the unsalted SHA-1 hashes (116.8 million unique) to the public "leaked
lists". The full dump is available as a torrent here:

https://myspace.thecthulhu.com (15GiB)

Additionally, I have uploaded a file with just the unique unsalted sha1 hashes here:

https://transfer.sh/lGA95/myspace-unsalted-sha1.txt.xz (2.1 GiB)

SHA1: 3c4da283e594773070404b646940fe14933668dd

Once unrared the file is a 33GiB large textfile with 360213049 rows. Here is 10 lines selected at random:

Code:
543856369:************@yahoo.com:543856369:0x89166CFDE7D45E39B21206DAFA612C9FB4DAA92F:0xC785C1A73DA65BAFA40C572BEC840D1E70AA0DAE
499145944:************@hotmail.com:499145944:0x612F560AB94F488B859B7BFB1D7A9D4EE4FA443B:''
499250123:************@woodyahoo.com:499250123:0xB2E6577D53B88CD3A00C404B11556AFF12454144:''
29775087:************@hotmail.com:************:0x1C19E741FF826D9AAED6DB7A1909E4E8D8A92286:''
460542274:************@yahoo.com:460542274:0xBAAFE1E377A382790B828DE507A58A8A20E87C2C:''
543844275:************@hotmail.com1:543844275:0x1EF9E7810B8A65BCEE41F687E607658372F2AB3B:0x7C9A7B3F8BD57EC9B430440AACE143B6FF82CE02
408108080:************@gmx.at:************:0x8C9BE18DCF82225AB7E76A4EA6389F668116DFDB:''
565243804:************@voila.fr:************:0xFD8E45C9F9FD1BAB8C2D938EC9398F7B5E0F2C78:0x246D7F35E06BDD1D56737B657D5E4CD2C0E00CB5
146144766:::'':''
466504840:************@yahoo.com:466504840:0x74E3090558267BFE8E7F491E007CE262F3BD3CCD:''

The format of each record is
Code:
id : email : id/username : sha1(strtolower(substr($pass, 0, 9))) : sha1($id . $pass)
  • Field 1 is an integer.
  • Field 2 should be an email address but can contain any junk including unescaped newlines and colons. This has to be taken into account when parsing the data.
  • Field 3 is either an user id identical to field 1 or an username.
  • Field 4 is a sha1 hash of the password. The password was converted to lowercase and truncated to 10 characters before hashing.
  • Field 5 is a salted sha1 hash of the password. The salt is the user id in field 1. Unlike field 4 the password doesn't appear to have been lowercased and truncated before hashing.
Counting hashes
Each record that has a hash in field 5 also has a hash in field 4 but the converse is not true. Some records have no hashes at all. In total 359006286 records have an associated password.

Code:
$ tr -d '\r' <Myspace.com.txt | grep -E "'':0x[A-F0-9]{40}$" | wc -l
0
$ tr -d '\r' <Myspace.com.txt | grep -E ":0x[A-F0-9]{40}:''$" | wc -l
290524629
$ tr -d '\r' <Myspace.com.txt | grep "'':''$" | wc -l
1206372
$ tr -d '\r' <Myspace.com.txt | grep -E '(:0x[A-F0-9]{40}){2}$' | wc -l
68481657

Recovering salted passwords
The password in field 4 is a truncated and lowercased version of the password in field 5. One can use the truncated password in field 4 to recover the full password in field 5. If the password is shorter than 10 characters this is trivial.

Code:
$ echo -n 123456 | openssl sha1 | sed 's/.* //;y/abcdef/ABCDEF/;s/^/0x/'
0x7C4A8D09CA3762AF61E59520943DC26494F8941B
$ grep -F 0x7C4A8D09CA3762AF61E59520943DC26494F8941B:0x Myspace.com.txt |
tr -d '\r' |
awk -F: '{ print $(NF) ":" $1 }' |
sed 's/..//' |
tr A-F a-f > test.hash
$ wc -l test.hash
269356 test.hash
$ hashcat -m 120 test.hash -a3 123456 -o /dev/null
Initializing hashcat v2.00 with 4 threads and 32mb segment-size...

Added hashes from file test.hash: 269356 (269356 salts)

                                           
All hashes have been recovered

Input.Mode: Mask (123456) [6]
Index.....: 0/1 (segment), 1 (words), 0 (bytes)
Recovered.: 269356/269356 hashes, 269356/269356 salts
Speed/sec.: - plains, - words
Progress..: 1/1 (100.00%)
Running...: 00:00:00:05
Estimated.: --:--:--:--
...

Extracting hashes from the dump
To extract the unsalted hashes in field 4 I use Awk. The fact that field 2 can contain newlines and colons makes it more difficult.

Code:
$ awk -F: '!/(:0x[A-F0-9]{40}|:''){2}$/ { print $(NF-1) }' Myspace.com.txt |
sed 's/..//' |
tr -s '\n' |
tr A-F a-f |
sort -u > myspace-unsalted.sha1.txt
$ wc -l myspace-unsalted-sha1.txt
116825318 myspace-unsalted-sha1.txt
$ du -h myspace-unsalted-sha1.txt
4.5G    myspace-unsalted-sha1.txt

Here is the result
https://transfer.sh/lGA95/myspace-unsalted-sha1.txt.xz

That's it for now. The purpose of this thread is to discuss the Myspace dump.

Print this item

  multiple sort tools mst not working with bigger wordlists
Posted by: navaneet31 - 05-09-2016, 11:29 AM - Forum: General - Replies (1)

https://redmine.smallutilities.org/proje...-mst/files

Hi,

i have tried item parsing in that tool but its not working with large wordlists.Please help me to solve any way to debug the tool and is there any way to know the progress?

Print this item

  suggestion for left list
Posted by: elackops - 03-03-2016, 12:32 AM - Forum: General - Replies (2)

Hi,

I have suggestion i really hope it can be done on hashes.org!,

As the left is big, why not add a left list which updated weekly, only left which submitted through the week.
It will make us recover even more, cause running attacks on smaller list is more effective than the big one.
This also will make more people contribute on recovering hashes, cause more possible, as you know many have low budget PC specs.

Thanks!

Print this item

  salt list for hash cracking
Posted by: elackops - 02-29-2016, 08:28 PM - Forum: General - No Replies

Hi,

I thought i would share this, it helps to clean bad salted hashes, by cracking them. I did extract the salts from real salted hashes with 3 character salt.
This list useful for combination attack, It may take some time, so combine the salts with common passwords for faster cracking.

cracked hashes gonna look like this (md5($pass.$salt)

123456789us8
6747usu
123456789utS
123123123uv$
861111upC
123456789uwm
123456789uxN
1230123ux&


Regards

https://www.sendspace.com/file/jnc9w4

Print this item

  fake, corrupt and other crap hashes.
Posted by: tibit - 02-26-2016, 08:01 AM - Forum: General - Replies (2)

Hi,

Last week there was again a bunch of crap posted!!
I was wondering wether it is possible to add a separate (downloadable) left list with all the hashes that might be crap, but can't be proven. Stuff like : 00000000000000000000000000000001,00000000000000000000000000000002, 00000000000000000000000000000003, untill 0f0ff0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f0f, ffffffffffffffffffffffffffffffffffff and similar. I scraped about 100 mb of hashes from the left list that contain more tha 16 "0" chars.
It would make the left a little lighter and would be more easy to handle.

Thank you for any reply

tibit

Print this item

  Last weeks found lists
Posted by: Milzo - 02-21-2016, 10:20 PM - Forum: General - Replies (2)

Has anyone got a copies dated 14.02 for the found plains & junk 2016.

I did have them but I got a bit carried away with rm -f :-D

Print this item

  Unsupported Founds
Posted by: Milzo - 02-14-2016, 02:35 PM - Forum: General - Replies (5)

Marked as "Other" with MDXfind converter so posting here.

2820 MD5SHA1SHA1MD5x02
766 SHA1-1xSHA1psubpx01

Print this item