+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Misc (https://hashcat.net/forum/forum-15.html)
+--- Forum: General Talk (https://hashcat.net/forum/forum-33.html)
+--- Thread: Cracking spammer hashes (/thread-3773.html)
Cracking spammer hashes - pragmatic - 10-22-2014
Hello all, not sure if this is something allowed on the forums so if not feel free to delete it. Given the oclGaussCrack efforts I thought people might be open to it.
I have been doing some research on spammers and their infrastructure, and I have come across a few web shells they are using to access compromised boxes. These web shells use MD5 auth, with the hash embedded in the shell.
I have taken a shot at cracking these, but so far unsuccessfully. If people are amenable to this sort of thing I can post the hashes from the shells I've found.
RE: Cracking spammer hashes - undeath - 10-22-2014
Why don't you modify the shells to email you the password as soon as someone logs into it?
RE: Cracking spammer hashes - pragmatic - 10-22-2014
(10-22-2014, 09:23 PM)undeath Wrote: Why don't you modify the shells to email you the password as soon as someone logs into it?
yes I have had similar thoughts, however these are not my machines; they are compromised sites that have been made to serve spam/phishing sites. While I almost certainly could get access to these machines the same way that the spammers did to make such a change, I believe doing so would be illegal, and as such I have refrained.