Packet Sniffer for capturing session?

Dear friends,
I was surfing the net that I came across the following message in a board:
/////////////////////////////////////////////////////////////////
I've got a soft that capture the Yahoo session like:

"http://login.yahoo.com/config/login?.tries=3&.
src=ym&.md5=&.hash=&.js=1&.last=&promo=&.intl=us&. bypass=&.partner=&.u=40avnjt1da3t7&.v=0&.challenge =gJHnjP93jlYiEyzbwnYDOBQNrmn5&.y
plus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=1&.chk P=Y&.done=http%3A//mail.yahoo.com&login=test123&passwd=9c207190bd4143 0c9157fc5c
a8a84d57&.persistent=&.save=1&.hash=1&.md5=1"

Can anyone know how to decode the passwd hidden under
"&passwd=9c207190bd41430c9157fc5ca8a84d57&" ???
///////////////////////////////////////////////////////////////////
I think it had been something like packet sniffers but not sure.
Does anyone have a feeling toward what it had been? or guess?

Thanks all

Quote:

---

hash=1&.md5=1

---

It's an MD5 hash, can't decode that only bruteforce it.

Quote:

---

I think it had been something like packet sniffers but not sure.

---

Why don't you try it yourself?

http://www.wireshark.org

As SirDice mentioned it is a md5 hash and i suspect that you would have a slim chance at "cracking" the hash.

And even if you did crack it what purpose would it serve? I mean really is it worth spending an amount of time to get into someon'es yahoo account... :confused:

Simply because as soon as the actual owner of the account become's aware of it, they will notify yahoo and the account will be suspended and reset with new password etc.

So you will be at stage 1 again very quickly.

Thanks Sir,
I just downloaded the wireshark and googled it but let me say something.
Yes the pass is md5 but as I have found out, he has logged in with his own user and pass into yahoo and by capturing his own session by wireshark, he has gained the md5 hash of his pass!!!!!!!!So what? What's the result of using wireshark this way!!!!
I know that md5 has a 1-way algorithm. So when we first make an account in yahoo it stores a md5 copy of our pass in his database (say HASH1). The next time you wanna login, you gave him again your pass...yahoo changes it into md5 (say HASH2) and compares it with HASH1...if they are the same u can enter. OK. I thought he had found HASH1 in his post...I mean the hash of real pass that's stored in server database otherwise what's the benefit of finding your own md5 pass!!!!!!!!!
Anyhow do you think there is any footprint of HASH1 any any of sent or received packets during email login? And can it be sniffed?

Thanks t34b4g5 too. But what do you think about my next post? Am I right? Also I agree with you, in general, about worthlessness of hacking others privacy but in hackers manifesto there's a sentence: do not judge me cause you don't know me. Only God can judge me.
I myself believe the above sentences from manifesto (and of course I have some discussions about it <winkle>)

If you look closely at the url you'll also find a challenge in there..
So it's a challenge/response type authentication.
Just sniffing the current MD5 won't help you as it depends on the challenge..

http://en.wikipedia.org/wiki/Challen...authentication

Dear SirDice,
I read about challenge/response type authentication. Thanks for the link but would you please give some sharp answers to my 2 questions (I'm so sorry for being so newbie)
1-In my first question above, when we know that there had been a challenge/responce, does it mean that the hash of password is manipulated with some string? I mean for example if the pass had been 123 and its hash mush be abcdef, yahoo added a string to it and what we have is: "hash=xyzabcdef"? Am I right?
2- Was I right about the wireshark? I mean does it have sniffed the hash of his own password (not the hash of someone else)? Because apparently it sniffs the packages(being sent and received) of the computer it's installed on!!
Thanks

Quote:

---

Originally Posted by boyboy400

about worthlessness of hacking others privacy but in hackers manifesto there's a sentence: do not judge me cause you don't know me. Only God can judge me.
I myself believe the above sentences from manifesto (and of course I have some discussions about it <winkle>)

---

The Hackers manifesto is as outdated as the sentence you just quoted. :spit:

Ok here's a link to MD5 DarkDBProject V1.2 - Hash database

i'm not going to explain what to do with it, but maybe give this a play with and see if it helps. ;)

Quote:

---

but in hackers manifesto there's a sentence: do not judge me cause you don't know me. Only God can judge me.
I myself believe the above sentences from manifesto

---

Shame that the Feds and the Courts don't.:lildevil:

Quote:

---

Originally Posted by boyboy400

1-In my first question above, when we know that there had been a challenge/responce, does it mean that the hash of password is manipulated with some string? I mean for example if the pass had been 123 and its hash mush be abcdef, yahoo added a string to it and what we have is: "hash=xyzabcdef"? Am I right?

---

Sounds about right.

Quote:

---

2- Was I right about the wireshark? I mean does it have sniffed the hash of his own password (not the hash of someone else)? Because apparently it sniffs the packages(being sent and received) of the computer it's installed on!!

---

It sure looks that way.

Quote:

---

Only God can judge me.

---

I'm an atheist. God is overrated.

:) http://blogs.news.com.au/images/uploads/1608539.jpg :)

Quote:

---

Originally Posted by The-Spec

:) http://blogs.news.com.au/images/uploads/1608539.jpg :)

---

That's a nice toy gun. :flush:

Merci beaucoup mon ami t34b4g5. I knew you wouldn't
let me alone :D . I firmly believe that wires transmit feelings.
I didn't check this post yeasterday because I got dissapointed
to revieve another helpful answer :( . but now :) ......

And I agree that the role of God after the creation is overrated
sometimes to somehow because of human weaknesses but I fell he
must exist somewhere pretty near...;)