HeroesForGhost Posted August 24, 2008 Share Posted August 24, 2008 Can someone please explain to me how to locate hashes? I know how to crack a hash once I've actually found it (brute force, dictionary, etc--even morons can do it with the right software) but I'd like to know how to actually OBTAIN the hash characters themselves. An idiot friend insists I can get them just by viewing a website's source code, but either he's just kidding or is a retard. How do you actually find password hashes from a website that uses a basic username/passcode system? Quote Link to comment Share on other sites More sharing options...
Tenzer Posted August 24, 2008 Share Posted August 24, 2008 The MD5 hashed will most probably be located in the websites database, which you don't have access to unless you "gain" access to it someway around the website. Otherwise you would have to do some SQL injection on the site, in order to get the raw data from the database. If you just want to test out cracking of a MD5 hash, you could just try to make a MD5 hash through pages like this one and go nuts on it. Quote Link to comment Share on other sites More sharing options...
Sparda Posted August 24, 2008 Share Posted August 24, 2008 Note: 'Well written' forums and other such applications are not vulnerable to rainbow tables. Quote Link to comment Share on other sites More sharing options...
HeroesForGhost Posted August 25, 2008 Author Share Posted August 25, 2008 Thanks for the help, both of you. I'll UTFSE and try to figure out how to do SQL injections. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.