Pages: [1]

Author Topic: How is this encrypted  (Read 1002 times)

0 Members and 1 Guest are viewing this topic.

Offline JacobTheArbiter

  • /dev/null
  • *
  • Posts: 6
  • Cookies: 0
    • View Profile
How is this encrypted
« on: May 01, 2012, 07:41:54 am »
Hi again Evilzone
I just posted a few days ago to do with how i found the school admins password and I wanted to keep a backdoor open for access at any time
I explain it more elequently here
http://evilzone.org/hacking-and-security/school-network-got-the-admin's-password/
 
I have made quite a lot of headway on this project but I have found something else, a .yaml file with many Usernames and passwords in it, the issue is that im not sure how it is encrypted i was wondering if you could have a look at it for me and tell me how to decrypt it
any help would be greatly appreciated
 
by the way i know it says sha2 but apparently this string is too small for sha2
also i have tried base64 but that didnt work for me
 
as I said any help is greatly appreciated
 
---
- _sha2_: 8b443458a9393e8485fc96b031a7afab4e0bd7a9
- admin:
    :device:
    :login: admin
    :p: 18lP97fHBJZkQjJDEuImpA==
    :type: snmp
  Administrator:
    :device:
    :login: Administrator
    :p: ZZoIM/eAO8vEU6tCzCZx+tXU41qWvOBevuUxiH5XXWY=
    :type: wmi
  Cisco:
    :device:
    :login: root
    :p: BjrmO0lvEh5zTixRGbSrgQ==
    :type: http
  esx admin:
    :device:
    :login: root
    :p: k/Msj0boNfFoNtN5EQ3fGA==
    :type: esx
  esx root:
    :device:
    :login: root
    :p: 9XNI6SKSBfhN0kYyF92SgA==
    :type: esx
  local admin:
    :device:
    :login: Administrator
    :p: DiyCFf2mKrtB+LureWB0nQ1QDouxzkordtT1s1yio0A=
    :type: wmi
  localadmin:
    :device:
    :login: localadmin
    :p: /T9g/pXqd2v3eqdilhZVWNgtLhJaay4RcFV8ZO06ems=
    :type: ssh
  mac local admin:
    :device:
    :login: localadmin
    :p: SMEgTRIXBooP1FeRrcrSOA3eta/DbhskLdDDK2tFhv8=
    :type: ssh
  None:
    :device:
    :login: Will Not Try WMI
    :p: PJ19x19hPduZyth8V5O3vCLqt62GpH1KAd0H3f8avPU=
    :type: wmi
  Public:
    :device:
    :login: public
    :p: 1G+iFdT5x+WDmzv+6cQyag==
    :type: snmp
  schadm:
    :device:
    :login: schadm
    :p: Csc42VzYSe4oYV84aZM+5w==
    :type: wmi
 
Thanks guys :)
Report to moderator   Logged

Offline JacobTheArbiter

  • /dev/null
  • *
  • Posts: 6
  • Cookies: 0
    • View Profile
Re: How is this encrypted
« Reply #1 on: May 01, 2012, 07:44:01 am »
I also found this
 
CytJYo8ttT5bkOfhEBjWRQJFyEopywcE
 
In a file called secret.txt
 
any ideas guys?
Report to moderator   Logged

Z3R0

  • Guest
Re: How is this encrypted
« Reply #2 on: May 01, 2012, 11:30:27 am »
They're all encoded with Base64, and when decoded they all come back as binary data. Give me some more time and I'll see if I can do anything else.

EDIT: This is a hexdump of the binary I got from the secret.txt
Code: [Select]
2b0b62492d8f3eb5905be1e7181045d645024ac8cb290407Your guess is as good as mine, but if it is a hash, there are only two algorithms that spit out a 24-byte digest, and that is Haval-192, and Tiger, but I highly doubt it's either of those.
« Last Edit: May 01, 2012, 11:42:16 am by m0rph »
Report to moderator   Logged

Offline JacobTheArbiter

  • /dev/null
  • *
  • Posts: 6
  • Cookies: 0
    • View Profile
Re: How is this encrypted
« Reply #3 on: May 01, 2012, 01:54:29 pm »
wow thanks a lot for such a detailed answer :)
i didnt expect that
and trust me, your guess is much better than mine :P
Report to moderator   Logged
Pages: [1]