Re: [sqlmap-users] Unknown Hash Format
Brought to you by:
inquisb
Menu
▾
▴
Re: [sqlmap-users] Unknown Hash Format
|
From: Chris O. <chr...@gm...> - 2013-02-07 17:03:57
|
I'll have a look, there are many columns, one moment. On 7 February 2013 17:02, Miroslav Stampar <mir...@gm...>wrote: > Hi. > > I can't reproduce that that value is recognized as a MySQL (old). Maybe > some other value has been recognized in a table dump as MySQL (old) but > that value wasn't that (pretty sure). > > Kind regards, > Miroslav Stampar > On Thu, Feb 7, 2013 at 3:09 PM, Miroslav Stampar < > mir...@gm...> wrote: > >> This looks like a first part of standard MySQL pass hash. Full one should >> start with * and have 40 hex chars. >> >> Maybe one part is stored at one DBMS instance and the other at the other >> (for security reasons). This is a recommended way in high profile targets. >> >> I'll take a look later why it's recognized as mysql_old as it obvioulsy >> isn't. >> >> Bye >> Dana 7.2.2013. 14:46 "Chris Oakley" <chr...@gm...> je >> napisao/la: >> >>> Hi All >>> >>> Not a direct SQLMap question but I thought someone might be able to shed >>> some light on this. I'm testing an app that has SQL injection and a lot of >>> the user passwords hashes are in the following format: >>> >>> *15C828E597C8B6781C2 >>> >>> Does anyone recognise what this is? They're all unsalted. SQLMap picks >>> it up as MySQL (Old) when it's trying to crack them, but this is incorrect >>> as far as I'm away. Older MySQL hashes come in the format: >>> >>> 5c47637e661879aa (weddingtv) - cracked by SQLMap :) >>> Sorry to go a bit off topic... >>> >>> Cheers >>> >>> Chris >>> >>> >>> ------------------------------------------------------------------------------ >>> Free Next-Gen Firewall Hardware Offer >>> Buy your Sophos next-gen firewall before the end March 2013 >>> and get the hardware for free! Learn more. >>> http://p.sf.net/sfu/sophos-d2d-feb >>> _______________________________________________ >>> sqlmap-users mailing list >>> sql...@li... >>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users >>> >>> > > > -- > Miroslav Stampar > http://about.me/stamparm |
