-
August 28th, 2008, 07:17 AM
#1
Packet Sniffer for capturing session?
Dear friends,
I was surfing the net that I came across the following message in a board:
/////////////////////////////////////////////////////////////////
I've got a soft that capture the Yahoo session like:
"http://login.yahoo.com/config/login?.tries=3&.
src=ym&.md5=&.hash=&.js=1&.last=&promo=&.intl=us&. bypass=&.partner=&.u=40avnjt1da3t7&.v=0&.challenge =gJHnjP93jlYiEyzbwnYDOBQNrmn5&.y
plus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=1&.chk P=Y&.done=http%3A//mail.yahoo.com&login=test123&passwd=9c207190bd4143 0c9157fc5c
a8a84d57&.persistent=&.save=1&.hash=1&.md5=1"
Can anyone know how to decode the passwd hidden under
"&passwd=9c207190bd41430c9157fc5ca8a84d57&" ???
///////////////////////////////////////////////////////////////////
I think it had been something like packet sniffers but not sure.
Does anyone have a feeling toward what it had been? or guess?
Thanks all
-
August 28th, 2008, 07:26 AM
#2
It's an MD5 hash, can't decode that only bruteforce it.
I think it had been something like packet sniffers but not sure.
Why don't you try it yourself?
http://www.wireshark.org
Oliver's Law:
Experience is something you don't get until just after you need it.
-
August 28th, 2008, 08:43 AM
#3
As SirDice mentioned it is a md5 hash and i suspect that you would have a slim chance at "cracking" the hash.
And even if you did crack it what purpose would it serve? I mean really is it worth spending an amount of time to get into someon'es yahoo account...
Simply because as soon as the actual owner of the account become's aware of it, they will notify yahoo and the account will be suspended and reset with new password etc.
So you will be at stage 1 again very quickly.
-
August 28th, 2008, 09:36 AM
#4
Thanks Sir,
I just downloaded the wireshark and googled it but let me say something.
Yes the pass is md5 but as I have found out, he has logged in with his own user and pass into yahoo and by capturing his own session by wireshark, he has gained the md5 hash of his pass!!!!!!!!So what? What's the result of using wireshark this way!!!!
I know that md5 has a 1-way algorithm. So when we first make an account in yahoo it stores a md5 copy of our pass in his database (say HASH1). The next time you wanna login, you gave him again your pass...yahoo changes it into md5 (say HASH2) and compares it with HASH1...if they are the same u can enter. OK. I thought he had found HASH1 in his post...I mean the hash of real pass that's stored in server database otherwise what's the benefit of finding your own md5 pass!!!!!!!!!
Anyhow do you think there is any footprint of HASH1 any any of sent or received packets during email login? And can it be sniffed?
Last edited by boyboy400; August 28th, 2008 at 01:09 PM.
-
August 28th, 2008, 09:43 AM
#5
Thanks t34b4g5 too. But what do you think about my next post? Am I right? Also I agree with you, in general, about worthlessness of hacking others privacy but in hackers manifesto there's a sentence: do not judge me cause you don't know me. Only God can judge me.
I myself believe the above sentences from manifesto (and of course I have some discussions about it <winkle>)
-
August 28th, 2008, 03:35 PM
#6
If you look closely at the url you'll also find a challenge in there..
So it's a challenge/response type authentication.
Just sniffing the current MD5 won't help you as it depends on the challenge..
http://en.wikipedia.org/wiki/Challen...authentication
Oliver's Law:
Experience is something you don't get until just after you need it.
-
August 29th, 2008, 09:37 PM
#7
Dear SirDice,
I read about challenge/response type authentication. Thanks for the link but would you please give some sharp answers to my 2 questions (I'm so sorry for being so newbie)
1-In my first question above, when we know that there had been a challenge/responce, does it mean that the hash of password is manipulated with some string? I mean for example if the pass had been 123 and its hash mush be abcdef, yahoo added a string to it and what we have is: "hash=xyzabcdef"? Am I right?
2- Was I right about the wireshark? I mean does it have sniffed the hash of his own password (not the hash of someone else)? Because apparently it sniffs the packages(being sent and received) of the computer it's installed on!!
Thanks
-
August 30th, 2008, 08:51 AM
#8
Originally Posted by boyboy400
about worthlessness of hacking others privacy but in hackers manifesto there's a sentence: do not judge me cause you don't know me. Only God can judge me.
I myself believe the above sentences from manifesto (and of course I have some discussions about it <winkle>)
The Hackers manifesto is as outdated as the sentence you just quoted.
-
August 31st, 2008, 03:48 AM
#9
Ok here's a link to MD5 DarkDBProject V1.2 - Hash database
i'm not going to explain what to do with it, but maybe give this a play with and see if it helps.
-
August 31st, 2008, 10:45 PM
#10
but in hackers manifesto there's a sentence: do not judge me cause you don't know me. Only God can judge me.
I myself believe the above sentences from manifesto
Shame that the Feds and the Courts don't.
Similar Threads
-
By cheyenne1212 in forum Miscellaneous Security Discussions
Replies: 7
Last Post: February 1st, 2012, 02:51 PM
-
By qod in forum The Security Tutorials Forum
Replies: 6
Last Post: February 27th, 2004, 03:03 AM
-
By don in forum The Security Tutorials Forum
Replies: 9
Last Post: January 8th, 2003, 02:40 PM
-
By Noble Hamlet in forum AntiOnline's General Chit Chat
Replies: 1100
Last Post: March 17th, 2002, 09:38 AM
-
By antihaxor in forum Non-Security Archives
Replies: 0
Last Post: January 24th, 2002, 05:42 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|