Luigi Auriemma

aluigi.org (ARCHIVE-ONLY FORUM!)
It is currently 19 Jul 2012 13:52

All times are UTC [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 11 posts ] 
Author Message
 Post subject: ventrilopwd
PostPosted: 29 Jul 2008 19:11 

Joined: 21 Aug 2007 00:16
Posts: 3
Ok So I just used ventrilopwd and got back encoded passwords. Is there any way to decrypt them? Are they md5-hashes?


Top
 Profile  
 
 
 Post subject:
PostPosted: 30 Jul 2008 00:10 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
how they look like ? md5 hash cracking is EASY :)


Top
 Profile  
 
 Post subject:
PostPosted: 30 Jul 2008 05:55 

Joined: 21 Aug 2007 00:16
Posts: 3
Heres what it outputs

Hostname (Im hiding this)
Port (hiding this also)
EncPass D8F7D79766B8AEFBA6507E02E158899E8B93DABBFDBD223D3798C1857868D063


Top
 Profile  
 
 Post subject:
PostPosted: 30 Jul 2008 09:33 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
that tool is old, I will recheck and update it soon


Top
 Profile  
 
 Post subject:
PostPosted: 30 Jul 2008 19:49 

Joined: 21 Aug 2007 00:16
Posts: 3
Ok thank you very much. Your tools are great.


Top
 Profile  
 
 Post subject:
PostPosted: 30 Jul 2008 21:58 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
luca662 wrote:
Heres what it outputs

Hostname (Im hiding this)
Port (hiding this also)
EncPass D8F7D79766B8AEFBA6507E02E158899E8B93DABBFDBD223D3798C1857868D063


its a SHA-2 (256) hash.
cain supports that and can crack such password hashes.
http://www.oxid.it/cain.html


Top
 Profile  
 
 Post subject:
PostPosted: 30 Jul 2008 23:47 

Joined: 13 Aug 2007 21:44
Posts: 4068
Location: http://aluigi.org
I have rechecked the tool and any EncPass* password is just the hashed password calculated with the Ventrilo password algorithm:

http://aluigi.org/papers/ventrilo_pwd_hash.h

So you can't decrypt or recover them


Top
 Profile  
 
 Post subject:
PostPosted: 01 Aug 2008 14:43 

Joined: 24 Sep 2007 02:12
Posts: 1114
Location: http://sethioz.co.uk
you sure its special vent encryption ?
it sure looks like sha2 hash.


Top
 Profile  
 
 Post subject:
PostPosted: 02 Aug 2008 06:08 

Joined: 16 Aug 2007 06:25
Posts: 367
It's hard to tell what algorithm a hash was generated from because all you have to see is the hexidecimal output and length...which is why reverse engineering is usually needed in figuring that stuff out. For example seeing a hash like the posts above could be a lot of things:

SHA256
Haval256
RipeMD256
SNEFRU256

or even

MD5MD5
MD5SHA1
...etc

...or it could be customized for the program like it appears to be for ventrilo.


Top
 Profile  
 
 Post subject: Re: ventrilopwd
PostPosted: 26 Jun 2010 08:46 

Joined: 26 Jun 2010 08:39
Posts: 1
So what is the point of having ventrilopwd and ventrilo_pwd_hash.h if Enc passwords can't be decrypted? Someone enlighten me... = /


Top
 Profile  
 
 Post subject: Re: ventrilopwd
PostPosted: 26 Jun 2010 11:41 

Joined: 24 Jun 2010 10:04
Posts: 70
Location: aluigi not @ home
it's decrypted and it decrypts it, this is the sense.
the fact that then the hash is brute forcable or not it's an unrelated thing


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 11 posts ] 

All times are UTC [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for: