Thread Rating:
  • 3 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
InterPals Database - Leaked, Download!
#13
How to dehash the passwords?
Reply
#14
(03-21-2018, 02:11 AM)pannigapahe Wrote:  It seems that at the end of the file has some sort of 'insufficient' hashes, I am not sure personally whats going on, but as stated previously this does seem incomplete with not all the users.

I confirm that. The end of the file is uncomplete Exclamation
Reply
#15
(11-13-2017, 02:54 PM)Arvectus Wrote:  Thanks for sharing, a lot of people would need this,

I gotta say .... this is one seriously messed up 600mb file due to weird line breaks.

I had to run at least 3 regex find and replace to try and fix the line breaks, and its still messy.

There is most probably a more original copy than this somewhere, without insane line breaks.

just downloaded and noted that... its gonna take gd time to fix it if at all 100% fixable Tongue
Reply
#16
thanks for this! awesome
Reply
#17
Thumbsup 
Thank you ! Been looking for this :D
Reply
#18
I was also looking for this. Thank you!
Reply
#19
I dont think this one works
Reply
#20
Nice thank you very much !
Reply
#21
Nice one, this one is def legit.
Reply
#22
Thx,BODY!
download and have a look
Reply
#23
thank you very much!
Reply
#24
were you about to dehash ???

(06-19-2018, 01:08 PM)JoanCoast Wrote:  Are you sure the password format is MD5 / phpBB (mode 400 in hashcat) ?
To me it seems it is bcrypt (mode 3200 in hashcat)...

So let me clarify...
The database fields are : name, username, email, birth, city, state, country, password_hash, password_enc, password_md5
eg.
prathiba amynamy [email protected] 1981-09-01 Villiers-le-Bel $2y$10$7S3bVQN6UmKiZ0pzN/0w6.m71VK6bWXCxkHHMxj0gcZ2U2GG3mJrq GyA+cuVFRxVff2dlbjwcXHKrpOR7cWu0/X04GKmTJEQ= 038312a74d25bdf2c71bd7fff601593d
Keylla Keylla [email protected] 1984-05-24 João Pessoa Brazil $2y$10$yy2tlyqN2Uomfs4eBGY10ezSuNZZCwaZEAAT75QlmBew/q2stDDkm /E9qgAhjqirvpGO+Fr4eeyw6mhsB7HlRhBRqSKgDVz0= b4e93587f277b2e203ba7abd0e42fdc0


password_hash is the bcrypt hash ($2y$10$) of the password.
I do not know what password_enc is
and password_md5 is the MD5 hash of the password.
So for an entry there are 2 ways to crack the password: either you crack the bcrypt one (mode 3200 with hashcat) which is very very slow or you target the MD5 one (mode 0 with hashcat) which is very fast.

In the first example above the password is 1+1=deux
and the second one is 007JamesBond

Attacking the MD5 allowed me to dehash ~95% of the passwords. If some of you are interested, let me know and I'll publish a "dehash" version.
Reply
 


Possibly Related Threads...
Thread Author Replies Views Last Post
Star Canadian Residential Database - Leaked, Download! Omnipotent 25 6,404 2 hours ago
Last Post: alexhufi
Shield Maryland 2018 Voter Database - Leaked, Download! Omnipotent 11 921 4 hours ago
Last Post: Crazyoldfart
Thumbsup Pemiblanc Database - Leaked, Download! icanhazdata 118 23,627 11 hours ago
Last Post: simon00666
Star Anti Public Combo List - Leaked, Download! mayonayse 599 129,100 Today, 03:49 AM
Last Post: aenimamachina
Thumbsup Gfan Database - Leaked, Download! Roadforsky 17 6,059 Today, 02:19 AM
Last Post: G0pstd0r



Users browsing this thread: 1 Guest(s)