Hey /g,
I got this Oracle DB with a bunch of data connected to a Java Web Application, and a table with usernames and passwords. Unfortunately the passwords are hashed, I think...
Here's one of the passwords of the column:
bEdmA9WYPO2Pbew0tqFTkeTzrNI=
As far as I know, it seems that Base64 to encode the password, because every single one have "=" or "==" at the end, this usually happens because of the padding mechanism in Base64. However, I couldn't encode this in a proper way (i.e: could not obtain original plain text).
Any help on this?
>>61630543
You are trying to decode, not encode.
Might be using a different character set, do you see any / characters?
>>61630543
just install kali and spam every skiddie tool you can possibly find
probably start with rainbow tables idk
>>61630707
Hmm, I tought of that too, actually I tried >>61630716
Hmm, I'm fairly new with this. Do you think hashcat can do the trick in, let's say, one week?
If you dumped the DB, look at the app and see the pw mechanism
>>61630857
You see, I don't have access to the application code neither the DBMS. I'm actually using a pen test tool to extract some data from the DB.
:|
>>61631125
Skiddy fag
What tool?
>Inb4 sqlmap or havij
>>61631155
How can I be a skiddy fag if I program a whole bunch of pen test tools and know how those algorithms work?
>>61631240
My bad. I assumed you were running a Kali VM in windows like a pussy
>>61631270
No, the default modus operadi is a generic distro linux booted from a flash drive using tor, proxies, from a small cafe with no cameras and few witnesses.
>>61631229
Let's just say sqlmap.
>>61631435
It allows easy scripting with python
>>61630716
This will take a lot of time... I was thinking in figuring out how to decode this password, if only I could tell wich algorithm was used to encode it in the first place. I find hard to believe that this password is encrypted.
>>61631641
I can assure you guys, this doesn't involve the DNC.