InterPals Database - Leaked, Download!
by Rhythm - 11-13-2017, 02:10 PM
#13
How to dehash the passwords?
Reply
#14
(03-21-2018, 02:11 AM)pannigapahe Wrote: It seems that at the end of the file has some sort of 'insufficient' hashes, I am not sure personally whats going on, but as stated previously this does seem incomplete with not all the users.

I confirm that. The end of the file is uncomplete Exclamation
Reply
#15
(11-13-2017, 02:54 PM)Arvectus Wrote: Thanks for sharing, a lot of people would need this,

I gotta say .... this is one seriously messed up 600mb file due to weird line breaks.

I had to run at least 3 regex find and replace to try and fix the line breaks, and its still messy.

There is most probably a more original copy than this somewhere, without insane line breaks.

just downloaded and noted that... its gonna take gd time to fix it if at all 100% fixable Tongue
Reply
#16
thanks for this! awesome
Reply
#17
Thumbsup 
Thank you ! Been looking for this :D
Reply
#18
I was also looking for this. Thank you!
Reply
#19
I dont think this one works
Reply
#20
Nice thank you very much !
Reply
#21
Nice one, this one is def legit.
Reply
#22
Thx,BODY!
download and have a look
Reply
#23
thank you very much!
Reply
#24
were you about to dehash ???

(06-19-2018, 01:08 PM)JoanCoast Wrote: Are you sure the password format is MD5 / phpBB (mode 400 in hashcat) ?
To me it seems it is bcrypt (mode 3200 in hashcat)...

So let me clarify...
The database fields are : name, username, email, birth, city, state, country, password_hash, password_enc, password_md5
eg.
prathiba amynamy [email protected] 1981-09-01 Villiers-le-Bel $2y$10$7S3bVQN6UmKiZ0pzN/0w6.m71VK6bWXCxkHHMxj0gcZ2U2GG3mJrq GyA+cuVFRxVff2dlbjwcXHKrpOR7cWu0/X04GKmTJEQ= 038312a74d25bdf2c71bd7fff601593d
Keylla Keylla [email protected] 1984-05-24 João Pessoa Brazil $2y$10$yy2tlyqN2Uomfs4eBGY10ezSuNZZCwaZEAAT75QlmBew/q2stDDkm /E9qgAhjqirvpGO+Fr4eeyw6mhsB7HlRhBRqSKgDVz0= b4e93587f277b2e203ba7abd0e42fdc0


password_hash is the bcrypt hash ($2y$10$) of the password.
I do not know what password_enc is
and password_md5 is the MD5 hash of the password.
So for an entry there are 2 ways to crack the password: either you crack the bcrypt one (mode 3200 with hashcat) which is very very slow or you target the MD5 one (mode 0 with hashcat) which is very fast.

In the first example above the password is 1+1=deux
and the second one is 007JamesBond

Attacking the MD5 allowed me to dehash ~95% of the passwords. If some of you are interested, let me know and I'll publish a "dehash" version.
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
000Webhost Database - Leaked, Download! Loki 293 55,879 2 hours ago
Last Post: cyb3rgh057
LinkedIn Database - Leaked, Download! Omnipotent 532 94,304 4 hours ago
Last Post: palstar
17.Media Database - Leaked, Download! Velocibola 58 11,818 4 hours ago
Last Post: helloakak

 Users browsing this thread: 1 Guest(s)