Go Back   Xisp.org Forums > Porn Password Cracking > Porn Password Cracking Help Section

Unbreakable?

Reply
Views: 559 - Replies: 5  
Thread Tools Display Modes

Unbreakable?
Old 02-22-2005, 12:39 PM   #1
Testosteron
Guest
 
Posts: n/a
Threads: 5107
Default Unbreakable?

Unbreakable by brute force?

http://www.ovoce.pl

It's very strange site:

1. On my computer noone proxy works on it !? Every working proxy returns an error.

2. It has form, wchich is encrypted in MD5 before it's send by POST !?!?!? Is there any programme that bypasses it? FORM@ doesn't have in-process MD5 hashing
  Reply With Quote

Old 02-22-2005, 01:51 PM   #2
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default

Quote:
It has form, wchich is encrypted in MD5 before it's send by POST !?!?!? Is there any programme that bypasses it? FORM@ doesn't have in-process MD5 hashing
It's just a session id or some kind, not md hashing or something :) They wouldn't really let you see the hash :)

Form could be doable, all depends how good they've set that up. If they've set it up correctly, then it really isn't doable, but not because of "md5 hashing" :)
  Reply With Quote

Old 02-22-2005, 07:55 PM   #3
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

Code:
<FORM ACTION="/login.pl" METHOD="POST" NAME="login" ID="login" onSubmit="hashform(this,'user','usermd5','pass','passmd5');return true">
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Old 02-22-2005, 08:15 PM   #4
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default

Heh, imust say i didn't look at that, but rather at
?;AC=5bf32f72277992573e03e005cb0255a0f85f8b11
which would be some session id :)

but, looking at that now
onSubmit="hashform(this,'user','usermd5','pass','passmd5')
shouldn't really have any impact on how form@ (or any bruter) performs as this is inbuilt function that site performs after user submits a user/pass, and that is what bruters do. Bruters (eg. users) aren't supposed to enter u/p in hash'd format, but in normal format, and then that function submits the values to the form in that order.

So, even tho i missed that, shouldn't have impact on form@ performance, tho, the AC=5bf32f72277992573e03e005cb0255a0f85f8b11 could/should make it undoable

:))))
  Reply With Quote

Old 02-22-2005, 11:16 PM   #5
slysnake
Cheshire Cat
 
slysnake's Avatar
 
slysnake is offline Offline
Join Date: Jan 2005
Posts: 5,507
Threads: 315
slysnake is on a distinguished road
Default

agreed, just pointing out where he probably got the concept from.
__________________
"How do you know I'm mad?" said Alice.
"You must be," said the Cat, "or you wouldn't have come here."
  Reply With Quote

Old 02-23-2005, 04:08 AM   #6
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default

Yea, thanks for correcting me :) I thought he got it from that AC=... :)
  Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump



All times are GMT -4. The time now is 08:35 AM.


vBulletin skin developed by: Xisp.org Crew
Powered by vBulletin®
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
2005 Copyright Xisp.org