Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

RE: Craking Serv-u passwords stored in .ini file.
From: "Ferruh Mavituna" <ferruh () mavituna com>
Date: Wed, 1 Sep 2004 18:29:04 +0300
Arc,

Add 2 random chars beginning of the password then chars + MD5Hash of
complete string

For example;

Pass is: tester
Random Characters: ax
Serv-u INI pass is: axEC246B60729AA9F32F23DB03A49A397F
MD5(axtester) = EC246B60729AA9F32F23DB03A49A397F

So you can try to "mdcrack" to crack MD5 or you can rainbow tables;



Best Regards;

Ferruh Mavituna
http://ferruh.mavituna.com
PGP Key: http://ferruh.mavituna.com/pgpkey.asc 


-----Original Message-----
From: [Arcangel] [mailto:arcangel () phreaker net]
Sent: Tuesday, August 31, 2004 3:58 AM
To: Pent-Test Security Focus
Subject: Craking Serv-u passwords stored in .ini file.

Hi list.
Im looking the manner to crack users passwords stored in ServUDaemon.ini
whit [Regular Password].

Example:

[USER=Arcangel|1]
Password=at3764132C1E6D47317A784A22A31EF3E4

Can you help me?

Thx.        Arc.


--------------------------------------------------------------------------
----
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a
course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
--------------------------------------------------------------------------
-----




------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]