Thursday, February 17, 2011

Whether we can give actual details to the forums ?

After the release of the rootkit.com whole Mysql database (http://stfu.cc/rootkit_com_mysqlbackup_02_06_11.gz) 85000 users detail (if we remove the duplicate at least 50000 users) I searched my data obviously listed there.. :( Anyway i used to rotate my passwords and use lame passwords in the forums i feel safe. But after the breach the owners could advise the users of the group may be they don’t have the data now ? Some of the hashes i could reverse. I searched some Sri Lankan users around 30 users i could reverse some of the users password obviously my one too as reference ;).

Hope dedicated crackers could use large rainbow table to reverse more of it I don’t wont to waste my time.

One reverse hashing site:
http://md5.thekaine.de/ ( if you have better sites please let me know)
http://md5.my-addr.com/md5_decrypt-md5_cracker_online/md5_decoder_tool.php
http://www.netmd5crack.com/cracker/
http://isc.sans.edu/tools/reversehash.html

1023 passwords are - "123456" :)
384 - password is "password"
329 - password is "rootkit"
190 - 111111
181 - 12345678
174 - qwerty


Analysis about the attack:
http://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars

jibberjabber :)

No comments: