Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#2 password decryption/non-encrypted password

closed
nobody
None
5
2007-07-03
2007-01-07
Daniel S
No

I run a znc bouncer on frostmud.com, port 8833. one of my users has forgotten his password; i would like to know if its possible to put a non-encrypted password in the .conf file, or (preferrably) if yoou would be willing to decrypt the password for me, and send it to efreak2005@gmail.com
32 char password from file:
9af611ba23b49797369909c5c0f89605
entire line from file:
Pass = 9af611ba23b49797369909c5c0f89605 -

Discussion

  • Psychon
    Psychon
    2007-01-12

    Logged In: YES
    user_id=1654410
    Originator: NO

    Where's the bug? Ill move this to support requests...

    Pass = not-hashed-password
    Pass = <md5 hash> -

    The - at the end makes the difference between hashed and plain password. You can just change this to a new password.
    If you want to generate a password hash you can use znc --makepass.
    The password hash is just a normal MD5 hash, so the password is neither encrypted nor can it be decrypted. All you can do about the lost password is starting a dictionary or brute attack or setting a new password for that user (webadmin module?).
    The attacks take a lot of time and some tool to do it (both which i dont have), but its still possible.
    If anyone got any hints for brute forcing a MD5 hash, give a comment.

    Psychon

     
  • Logged In: NO

    9af611ba23b49797369909c5c0f89605 = hot8cool

     
  • Psychon
    Psychon
    2007-07-03

    • status: open --> closed