![]() ![]() The way the club worked is they would email you a RAR file and the PDF books in the RAR file were password protected. And I'm an idiot.Ī couple decades ago (I know - I was cleaning out some old files and found my repository) I subscribed to a "book of the month" club. The code for RAR5.0 hash extraction is also in the link above, I just didn't catch it at first, functions for it are smaller. The attacks worked how I explained above. That said, before RAR5.0 they didn't do this. Personally I find it counterintuitive, but maybe the guys at WinRAR have some sort of stats to back up this decision. They do this with a really slow hashing function, so the attacker wastes time generating hashes. u/counter2555 linked the RAR FAQ and apparently in RAR5.0 they ACTUALLY have a password hash saved in the archive. Why would the decryption password EVER be stored as a hash in the RAR itself?ĮDIT: Alright boys pack it up. You literally linked the code and you can very clearly see it takes a chunk of the RAR, that is a known plaintext, and tries to bruteforce a password that decrypts that chunk. Holy shit how are you guys ganging up on the dude that is right? Play nice, support each other and encourage learning. We are not tech support, these posts should be kept on /r/techsupportĭon't be a dick. Low-effort content will be removed at moderator discretion from security firms/pen testing companies is allowed within the confines of site-wide rules on self promotion found here, but will otherwise be considered spam. Spam is strictly forbidden and will result in a ban. Sharing of personal data is forbidden - no doxxing or IP dumping ![]() No "I got hacked" posts unless it's an interesting post-mortem of a unique attack. "How does HSTS prevent SSL stripping?" is a good question. Intermediate questions are welcomed - e.g. Offering to do these things will also result in a ban.Asking how to get into your "girlfriend's" instagram.This is not the place to try to find hackers to do your dirty work and you will be banned for trying. Discussion around the legality of issues is ok, encouraging or aiding illegal activities is not Hacking can be a grey area but keep it above board. "TeenagerĪrrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering". Guides and tutorials are welcome here as long as they are suitably complex and most importantly legal!īans are handed out at moderator discretion.Īnother one got caught today, it's all over the papers. This sub is aimed at those with an understanding of hacking - please visit /r/HowToHack for posting beginner links and tutorials any beginner questions should be directed there as they will result in a ban here. What we are about: quality and constructive discussion about the culture, profession and love of hacking. A subreddit dedicated to hacking and hacking culture.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |