Does that shit still work for Gaia?
i remember doing that years ago...
Printable View
Does that shit still work for Gaia?
i remember doing that years ago...
No, because there's no way to get the hash of the account unless you have the user's password or access to the database. And hash 'hacking' was just cracking the hash and cracking is generally unreliable, so it's ineffective anyway.
How did you guys grab all of the users' hashes? That must have been one insanely insecure database.
Derp thanks.
Exploitz obviouslyQuote:
Originally Posted by Flareboy323
damn bro u a hash hacker? me 2!
Well I can't imagine that the servers were vulnerable for very long, if practically everyone seems to be decrypting hashes.Quote:
Originally Posted by The Unintelligible
Ones does not simply "decrypt" (MD5) hashes. It doesn't work like that. Unless you can magically reverse engineer the hash algorithm. In which case the integrity of the algorithm sucks or you're some super genius hacker.
You typically crack the hashes - usually through rainbow tables or generic database look-ups (which was the main way it was done on Gaia back then).
omg bro so am i. wanna be hash haxor buddies?!?!??!111@#Quote:
Originally Posted by 2pac
Wanna join 2 Flare???? you can be our official leader!
Well normally you can just decrypt MD5s unless they're salted or otherwise.Quote:
Originally Posted by The Unintelligible
No, the purpose of a salt is to further prevent hash cracking. You can't decrypt MD5 because it isn't an encryption algorithm like RC4. It's hashing.Quote:
Originally Posted by Flareboy323
Encryption and hashing are two different things.
hellz yeah i already got cain and abel fired upQuote:
Originally Posted by The Unintelligible
//opens Cain and AbelQuote:
Originally Posted by 2pac
wow, I completely forgot that Cain actually had hash cracking tools on it o-o
actually you can decrypt md5 hash, I wouldn't have asked if the shit still worked if you couldn't.
You don't decrypt the hash. Decrypting it would take no effort and would be a completely unsecure security mechanism.Quote:
Originally Posted by itzboogey
What people do is crack them. Difference between the two is decrypting is simply systematically converting the cipher back to the original format. Hashes generally aren't reversed and instead are cross-referenced with the account so plain-text isn't exposed (and other security related purposes) as that would be a security fallacy.
See Encryption - Wikipedia, the free encyclopedia and Hash function - Wikipedia, the free encyclopedia
Again you're referring to hash cracking. Which sometimes involves minimal effort. Example being is this open source proof of concept project on Github. https://github.com/juuso/BozoCrack
http://cdn2.mamapop.com/wp-content/u...oreyouknow.jpg
I always thought of md5's like words in a dictionary, every md5 has its own definition that someone figured out.
Haha, this analogy is partially true. Only not every MD5 has a definition that could be figured out (well, technically, in theory any hash can be figured out. But in some cases [i.e. salted hashes] it could take up to forever to crack the hash).Quote:
Originally Posted by Omlett
That's what makes cracking unreliable. But there's two sides to every coin - it's also at the same time sometimes very effective. It all depends on factors like the scenario/horsepower available to you/tools/etc.
Do they still have the program where you can look through emails and find ones connected to gaia, hack the email and then reset their gaia pass?
I KNOW that method used to work, guarantee it is now obsolete.
It's a lot more complicated than that I just woke up so I sound dumb.
:p
It's obsolete now for the most part. I happen to have a program I made a couple months back that still roughly supports Yahoo emails, but there is no 100% solid method.Quote:
Originally Posted by jacklanister
And it's even more obsolete because there isn't any way to get emails in the first place anymore.
Yeah, it would work if a yahoo email is attained? o:Quote:
Originally Posted by The Unintelligible
Thanks for inspiring me, I might throw something together that checks for taken emails, and can give you a linked username haha. And yes, I have a method to find an email addresses account.Quote:
Originally Posted by The Unintelligible
What do you mean.Quote:
Originally Posted by jacklanister
Inspiration is beautiful.
Quote:
Originally Posted by Flareboy323
If I get a yahoo email connected to a wealthy gaiaonline account I can hack the email and request to reset the gaiaonline account's password, attain the password, change the yahoo email addresses password, login to the gaiaonline account?Quote:
Originally Posted by The Unintelligible