I'm trying to crack this hash: 3yiEE
Anyone got an idea of what hash function it can be made of?
>>51393940
that's cute
>>51394407
Well I know its a shitty hash what can I do? That's what I've got and I'm looking for a solution. Anyone?
>>51393940
>3yiEE
It's probably a I'd you just need to find out what site it belongs to, then manually swap ids in the URL box
>>51394856
>I'd
*id
>>51394873
I know for a fact it's the password's hash as I found it in an SQL table in "members_pass_hash"
It's probably coming from a custom hash function but I thought I'd give it a shot here to seek for help. Thanks
>>51393940
maybe crc32 or crc16?
not sure looks odd
>>51395087
also funfact webdev here
passwords a lot of the time are worthless
if you have the hash, its almost as good as the password (depending on a few variables as this is not always the case)
>get hash
>go to logon page and try to logon
>watch what happens in your network stack
>use the browser "post test" functions in the dev tools to mimick the logon post
>now just use the hash instead of a password
you should now be logged in
trying to get server access? ehhhh tricky, try to exploit it with a PHP shell if you're trying to do that (after you login).
the above method wont work, in say an enviroment like laravel where the hashed password, is hashed again with a stalted hash before being saved, or if the passwords are not hashed before being sent.
>>51393940
you mean find a collision?
dipshit.
>>51395087
Not them, thanks :)
>>51395171
Awesome! I'll give it a shot
It's trickey though because my main cause is getting the password. I found this hash in a db dump, it belongs to someone who did my friend wrong
>>51393940
A 200 bit hash you could copy as text without "funny looking" chars? I don't think so, try rot13 it and use that as a pw.
>3lvRR