Previous Thread
Next Thread
Print Thread
Rate Thread
#2298 07/20/06 02:59 PM
Joined: Jul 2006
Posts: 12
Slyce Offline OP
Junior Member
OP Offline
Junior Member
Joined: Jul 2006
Posts: 12
I have recently discoverd a registry value created by AOL's Instant Messenger. The path is:
Code
 HKEY_CURRENT_USER\Software\America Online\AOL Instant Messenger (TM)\CurrentVersion\Users\**Your screen name here**\Login\password1 
The value of this key is a password hash. The hash is only there if the 'remember password' box has been checked the last time you logged on to that screenname on your computer. I've also noticed that the value only changes if you successfully log in with that password. I have created an AIM account and changed the password again and again to compare the hashes. I got this:

LINK

(Please note that AIM passwords can be only 4-16 digits, and contain only a-z, A-Z, and 0-9. Special characters are not allowed (!&#*%^@)) I would like to try to figure out how to decrypt the hashes, but that seems awfully difficult. Does anyone know of a program to decrypt the aim hashes? Or a program where it compares the hash and the password to make a key? In the meantime I will be working on trying to find a pattern in the hashes. If we find out how to decrypt these hashes it means that all that is needed to find a password is to have it saved on the remote computer. (Which is mostly everyone).

Thanks in advance for any help you guys pray laugh


I don't hack. I simply test security, free of charge.

www.slyce.tk/
#2299 07/20/06 03:26 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
Your URL does not work, page times out.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2300 07/20/06 03:31 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
According to a thread I found through Google it would seem that it is a DES hash...

Quote:

tonikgin
Feb 19 2004, 06:11 AM
C:\Stuff\john-16\run>john password.txt
Loaded 1 password (NT LM DES [24/32 4K])

I'm sorry, what were you saying about me beign wrong?

contents of password.txt:
root:FB842CFC6FCE70F9AAD3B435B51404EE

the hash is indeed DES encrypted.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2301 07/20/06 07:11 PM
Joined: Jul 2006
Posts: 12
Slyce Offline OP
Junior Member
OP Offline
Junior Member
Joined: Jul 2006
Posts: 12
The hashes I linked to before are as follows:

dLhzN0VCANTTP4DEZj3F5XS4czdFQgDU0z+AxGY9xeU= | aaaa
TBibAgzrAi4OzEJIKALiuEwYmwIM6wIuDsxCSCgC4rg= | aaab
OWOiumWsjrHG4hQEYAMZJTljorplrI6xxuIUBGADGSU= | aaac
ZbqEHgHW23cz6Qpbf55vgGW6hB4B1tt3M+kKW3+eb4A= | bbbb
efEtD+8rgKUgUKwuFy1Yp3nxLQ/vK4ClIFCsLhctWKc= | bbba
wYjv2JAjWmfavB0p3gxZcMGI79iQI1pn2rwdKd4MWXA= | bbbc
Qfy6CfK9zfMVukEZ3Hl43UH8ugnyvc3zFbpBGdx5eN0= | cccc
hpEegd3FiSj/104QnbMaDIaRHoHdxYko/9dOEJ2zGgw= | ccca
01yI7rc97lOYVRzLE2oIOdNciO63Pe5TmFUcyxNqCDk= | cccb

I found a .doc called "Guide To AIM" and it said in there that passwords where stored in a different hash in the system files, but I can't find it. The hash in theh quote that you gave Gizmo is like the one that's in the guide. The hashes in the registry are different. I found a program to decrypt the hashes that aren't stored in the registry,
HERE

The only problem is that I can't find where those hashes are stored. Again, I was told that these hashes are stored in the system files:
Code
 HardDisk/SystemFolder/Preferences/AOLInstantMessenger�/Users/'ScreenName'/ 
But I can't find them. John the ripper doesn't work on the registry hashes either, it doesn't reconize them, but it does reconize the system hashes. Help with decrypting the registry hashes or help with finding the DES hashes location would be most aprecciated.
Thanks laugh


I don't hack. I simply test security, free of charge.

www.slyce.tk/
#2302 07/20/06 07:33 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
They used to save the hashes in plain files on the disk, they got wise to people cracking them and started encrypting them.

When I first looked at it I thought they where MD5ed heh


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2303 07/20/06 08:56 PM
Joined: Jul 2006
Posts: 12
Slyce Offline OP
Junior Member
OP Offline
Junior Member
Joined: Jul 2006
Posts: 12
Ok, thanks. So I'm too late I take it? The only hashes stored are in the registry? Darn. I found a program that sounds like it cracks the registry hashes. The only problem is that it's open source, and I have no idea how to compile it.

LINK

Thanks for your help Mate


I don't hack. I simply test security, free of charge.

www.slyce.tk/
#2304 07/20/06 10:29 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
"open source" doens't mean you have to compile anything, when they don't supply a compiled version is when you have to compile wink ..

and anything can be "hacked" its just a matter of figuring it out... keep in mind that as soon as you tell someone how to crack things you've taken the first step to seeing it repaired...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2305 07/20/06 10:41 PM
Joined: Jul 2006
Posts: 12
Slyce Offline OP
Junior Member
OP Offline
Junior Member
Joined: Jul 2006
Posts: 12
Ok, so any idea on how to get that program to run? Because I'm lost. >_<

Quote:
keep in mind that as soon as you tell someone how to crack things you've taken the first step to seeing it repaired...
And true that mate, that's mostly the reason that they are up to aim v5.9 right now.


I don't hack. I simply test security, free of charge.

www.slyce.tk/
#2306 07/21/06 02:42 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
What program? I don't recall telling you to use any program...


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2307 07/21/06 02:46 PM
Joined: Jul 2006
Posts: 12
Slyce Offline OP
Junior Member
OP Offline
Junior Member
Joined: Jul 2006
Posts: 12


I don't hack. I simply test security, free of charge.

www.slyce.tk/
#2308 07/24/06 04:09 PM
Joined: Jun 2003
Posts: 807
Likes: 2
G
UGN Super Poster
Offline
UGN Super Poster
G
Joined: Jun 2003
Posts: 807
Likes: 2
Those hashes look a bit like base64.

#2309 07/25/06 02:08 AM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
I thought so too, but they're not, trust me, i've run it through base64_decode and nothing... I'm relatively certain that they're des


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2310 07/25/06 12:13 PM
Joined: Jul 2006
Posts: 12
Slyce Offline OP
Junior Member
OP Offline
Junior Member
Joined: Jul 2006
Posts: 12
I have also tried base64, all I got was a bunch of symbols. I've found a program that converts the hashes into MD5 hashes, and a website that decrypts MD5 hashes. This works, it gives me the correct password. The only problem is that the site only lets you decrypt a certain length of characters. The site is in german, but can be translated.

SITE

The text at the top translates to:
Code
MD5-Decrypter for:
- up to codes with four digits of A-z/ 0-9 (1.727.604)
 - up to codes with six digits of 0-9 (1.111.110)
 - frequently used passwords (720.139)
This was a problem. I spent a few hours online and found a program that decrypts MD5 hashes, as well as a hell of a lot more hashes. It's called "Cain & Abel". Incase you're intrested, the site is HERE . This works! Thanks for your help guys. laugh


I don't hack. I simply test security, free of charge.

www.slyce.tk/
#2311 07/25/06 04:01 PM
Joined: Jun 2003
Posts: 807
Likes: 2
G
UGN Super Poster
Offline
UGN Super Poster
G
Joined: Jun 2003
Posts: 807
Likes: 2
Everyone knows about Cain & Abel.

Though, when dealing with MD5, you're not decrypting. You're brute forcing the hash, considering it's a 1 way algorithm.

And, with regard to base64, the symbols aren't necessarily the password, but rather, the way the password is stored. The values represented to the program by the symbols may in fact be the password.

The reason I say that, is because, it is base64.

Use Cain & Abel to decode the base64, copy the hex values for that reversed string, split it in half (32 characters: an md5 hash), and you have an MD5 hash for the password.

I figured this out with your password list, and it worked.

#2312 07/25/06 04:36 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
see, now this is why you salt your md5 hashes smirk


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#2313 07/27/06 12:28 PM
Joined: Jul 2006
Posts: 12
Slyce Offline OP
Junior Member
OP Offline
Junior Member
Joined: Jul 2006
Posts: 12
Ok, I think I get it now, thanks Ghost, this works great! laugh


I don't hack. I simply test security, free of charge.

www.slyce.tk/
#2314 07/28/06 10:33 AM
Joined: Oct 2002
Posts: 955
UGN Super Poster
Offline
UGN Super Poster
Joined: Oct 2002
Posts: 955
Nicely done smile

#2315 07/28/06 02:10 PM
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
Quote:
Originally posted by jonconley:
Nicely done smile
Spammer


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner

Link Copied to Clipboard
Member Spotlight
Phatal
Phatal
Houston, TX
Posts: 298
Joined: April 2004
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Cyrez 1
Girlie 1
unreal 1
Crime 1
Powered by UBB.threads™ PHP Forum Software 7.7.5