xymon
+ Reply to Thread
Results 1 to 8 of 8

Thread: encrypted file location?

  1. #1
    Join Date
    Apr 2007
    Posts
    109

    encrypted file location?

    how would i be able to find the encrypted password files from servers you login to such as myspace? there must be a certain url its at or something can someone please help me out with this?

  2. #2
    Join Date
    Sep 2006
    Posts
    1,651
    Well, such a file would either be in a protected directory, or on MySpace's private Intranet which you would have to access via an FTP client, either way, it's not gonna be easy to get, because I'm pretty sure it's the second option.

  3. #3
    Join Date
    Apr 2007
    Posts
    109
    where do you think i would start i have cain and abel but idk where to start any s***estions?

  4. #4
    Join Date
    Sep 2005
    Posts
    2,053
    The hashed passwords would be stored on Myspace's SQL server, which probably can only be accessed from their internal network and requires a password. The physical SQL database would be in a directory on the same server that has permissions set to prevent access from even someone who got non-root access to it.

    If you somehow managed to penetrate their internal network and get root access to the SQL server, the hashes would likely be salted, thus preventing any dictionary or rainbow table attacks. You would have to spend days, possible weeks or months brute-forcing the alphanumeric password unless you knew the salt and the victim chose a really poor password.

    In other words, it's not worth even attempting.

  5. #5
    Join Date
    Apr 2007
    Posts
    109
    but if i got in would i get every single login and password for the website? or would i have to decryped every login individually? Because it may be worth the weeks if i could get every password.

  6. #6
    Join Date
    Sep 2005
    Posts
    2,053
    Let's get one thing straight: you're not going to hack Myspace. They pay many highly knowledgeable people to take care of their security, and unless you're some sort of security and programming expert, there is no chance. They aren't going to beaten by kids with pre-made tools.

    If you did 'get in', it wouldn't be that simple. User info would probably be stored on multiple servers.

    Quote Originally Posted by dipman44 View Post
    but if i got in would i get every single login and password for the website? or would i have to decryped every login individually? Because it may be worth the weeks if i could get every password.
    See what I wrote above:

    the hashes would likely be salted, thus preventing any dictionary or rainbow table attacks. You would have to spend days, possible weeks or months brute-forcing the alphanumeric password unless you knew the salt and the victim chose a really poor password.
    You would have to decrypt every hash individually. And I was talking about weeks for each hash, not for all of them.

  7. #7
    Join Date
    Sep 2006
    Posts
    1,651
    You'd have a hard time covering your *****s too, they probably have IDSes running. And if you got caught, that would equal lots of legal trouble, just because you wanted to hack MySpace and mess with a few people.

  8. #8
    Join Date
    Apr 2007
    Posts
    109
    Quote Originally Posted by Moonbat View Post
    You'd have a hard time covering your *****s too, they probably have IDSes running. And if you got caught, that would equal lots of legal trouble, just because you wanted to hack MySpace and mess with a few people.
    ya your right i could just use a password cracker for myspace that i found unstead but the only thing about it is i cant always crack everyone that i try i can only crack retards that put retarted passwords

+ Reply to Thread

Similar Threads

  1. Location.
    By Unregistered in forum Internet Privacy
    Replies: 5
    Last Post: 01-27-2013, 06:11 AM
  2. obtaining encrypted passwords
    By duckiesarefun in forum Security & Encryption
    Replies: 4
    Last Post: 11-24-2008, 07:07 PM
  3. Seagate Ships Encrypted Laptop Platform
    By SyntaXmasteR in forum Security & Encryption
    Replies: 0
    Last Post: 04-12-2007, 04:09 PM
  4. .bat file to search a exe file location
    By Kapone in forum Security & Encryption
    Replies: 13
    Last Post: 07-01-2005, 08:05 AM
  5. encrypted urls at work
    By D'Artagnan in forum Proxies and Firewalls
    Replies: 0
    Last Post: 03-13-2002, 10:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts