Cracked.TO Database - Leaked, Download! [Exclusive]
by Omnipotent - August 09, 2019 at 05:22 AM
#61
How'd you pull the hack off? Was it running a vulnerable version of mybb?
Reply
#62
thanks bro for share
plz don't forget https://crack.sx
Reply
#63
(August 13, 2019 at 02:45 AM)Unspoken Wrote:
(August 12, 2019 at 03:31 PM)liff Wrote: In case someone wonders what hashing algo was used:

They just hashed existing MyBB hashes with bcrypt algo. It means that in order to crack hashes you need to generate hash for this algorithm md5(md5($salt).md5($pass)) $salt can be found in column named "salt" and then you just need to use that generated hash as pass candidate for bcrypt.

Thanks to UnPirlaACaso for providing confirmed plaintext

I guess I can be an engineer now Tongue

TL;DR: Algo is bcrypt(md5(md5($salt).md5($pass)))

Let me know if you'd like some help Wink
Are you going to decipher this dump?
Reply
#64
(August 12, 2019 at 10:41 PM)TaganRock1 Wrote:
(August 12, 2019 at 03:31 PM)liff Wrote: In case someone wonders what hashing algo was used:

They just hashed existing MyBB hashes with bcrypt algo. It means that in order to crack hashes you need to generate hash for this algorithm md5(md5($salt).md5($pass)) $salt can be found in column named "salt" and then you just need to use that generated hash as pass candidate for bcrypt.

Thanks to UnPirlaACaso for providing confirmed plaintext

I guess I can be an engineer now Tongue

TL;DR: Algo is bcrypt(md5(md5($salt).md5($pass)))
It will be very difficult to decipher. Almost unreal. And it will take a long time.

They are using DVZ Hash plugin, the database has active sessions and we only need server files. With server files, and within mybb admin panel -> DVZ Hash, there is a button to revert encryption for all users back to MD5
Reply
#65
(August 13, 2019 at 10:52 AM)Coolyou Wrote:
(August 12, 2019 at 10:41 PM)TaganRock1 Wrote:
(August 12, 2019 at 03:31 PM)liff Wrote: In case someone wonders what hashing algo was used:

They just hashed existing MyBB hashes with bcrypt algo. It means that in order to crack hashes you need to generate hash for this algorithm md5(md5($salt).md5($pass)) $salt can be found in column named "salt" and then you just need to use that generated hash as pass candidate for bcrypt.

Thanks to UnPirlaACaso for providing confirmed plaintext

I guess I can be an engineer now Tongue

TL;DR: Algo is bcrypt(md5(md5($salt).md5($pass)))
It will be very difficult to decipher. Almost unreal. And it will take a long time.

They are using DVZ Hash plugin, the database has active sessions and we only need server files. With server files, and within mybb admin panel -> DVZ Hash, there is a button to revert encryption for all users back to MD5
Then appeal to those who hacked: please Do it!
Reply
#66
Thanks for sharing such a huge amount of special data with us!
Reply
#67
holllllllaaaa graciassssssssssssssssssss
Reply
#68
just came from there funny
Reply
#69
Damn bro, full leak. That is impressive
Reply
#70
nice bro! cant wait to check it out
Reply
#71
Damn thanks for sharing bruh
Reply
#72
Sicko mode

Keep up the great work
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
xHamster.com Database - Leaked, Download! citadel 39 11,645 43 minutes ago
Last Post: lucasredway
Nulled Database - Leaked, Download! vinyatsky 85 18,879 1 hour ago
Last Post: Fluxo
Vodaphone Database - Leaked, Download! Omnipotent 26 7,512 1 hour ago
Last Post: Fluxo

 Users browsing this thread: 2 Guest(s)