MS SQL method fuck

Page 2 of 3 1 2 3
04/01/2006 22:58 dalepharo#16
maybe, but one thing i know, is that the usernames are the same. i think the passes are encrypted. try using the sql query browser. it works wonders...
04/01/2006 23:01 toreddo#17
im not using it on this computer, and if im gonna do something like that i will use the school computer. :D
i think it is 50% chance that the encryption is MD5
04/01/2006 23:03 dalepharo#18
i think u'r right. it looks like md5, but it gets spread over 4 packets when you login :(
04/01/2006 23:05 toreddo#19
Quote:
Originally posted by dalepharo@Apr 1 2006, 23:03
i think u'r right. it looks like md5, but it gets spread over 4 packets when you login :(
omg, that is anoying! well good luck! :P
Im not gonna try this 4 x 4 = 16 16 different ways are possible to sort this
04/01/2006 23:08 dalepharo#20
oh well... sigh. there's like 2 constants in the login packets, so that should make it a bit easier, still, if you know anyone interested in doing a dist. brute attack, plz let me know. thx.
04/01/2006 23:09 toreddo#21
Quote:
Originally posted by dalepharo@Apr 1 2006, 23:08
oh well... sigh. there's like 2 constants in the login packets, so that should make it a bit easier, still, if you know anyone interested in doing a dist. brute attack, plz let me know. thx.
i shall ask a friend, but im going to bed now bye bye
04/01/2006 23:11 dalepharo#22
cheers
04/01/2006 23:26 mothmanknows#23
dude, it would still take ages to do...
04/01/2006 23:27 mothmanknows#24
if i had more time on the net, i would help, but sadly... i dont...
04/02/2006 00:39 Robsta#25
i wouldn't, dickweed here's trying to login to my n00b tao now lol. Its gota backdoor in it/keylogger sooo, no.
04/02/2006 00:48 Robsta#26
and also, heres hte virus scan logs, i wish i would have scanned first
File: Angry_IP_Scanner.exe
Status:
INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 a1d5993c5e1e2bf75ec2b19740eb6e49
Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found Trojan.Dropper.Vb.Lv
Avast
Found nothing
AVG Antivirus
Found Dropper.Generic.EAJ
BitDefender
Found Generic.Malware.PPk.14B56DE6
ClamAV
Found Trojan.Dropper.VB-4
Dr.Web
Found nothing
F-Prot Antivirus
Found W32/Trojan.BDE
Fortinet
Found W32/VB.LV-dr
Kaspersky Anti-Virus
Found Trojan-Dropper.Win32.VB.lv
NOD32
Found nothing
Norman Virus Control
Found W32/VBTroj.G
UNA
Found nothing
VirusBuster
Found nothing
VBA32
Found Trojan-Dropper.Win32.VB.lv
04/02/2006 06:48 Waverunner#27
Of course it is MD5. Everything uses MD5 today. AOL, MSN Messenger, etc. About bruteforcing: rainbow tables would be best, yes, but who has big enough tables? Even if you create a big enough one, which takes a while, you still have to do the hacking which can take years depending on length of password. What if CO SQL pass is 200 characters long? That would take LITERALLY decades to bruteforce or break with a rainbow table unless you used an extremely fast processor with overclocking.
04/02/2006 09:40 Tw3ak#28
only wannabe hacker script kiddies would be tryin to hack the sql anyway using bots and exploits in the game is 1 thing when you go out of your way to fk other people over is just moronic.
04/04/2006 10:24 k4g4m1#29
ya better go find some exploit than brute force , few attempts and u will get blockd
04/05/2006 21:44 tester#30
Quote:
Originally posted by Robsta@Apr 1 2006, 20:10
but as far as i know, its mandated for sql servers to be passworded.
be4 recent updates the default sa password was blank unless you explictly set it
Page 2 of 3 1 2 3