So we already proofed that those strings are base64 encoded, see example decoding (pls avoid online base64 decoding for non-ascii-chars , there are problems w/ encoding the bytes server-side, displaying them client-side etc):
This is interesting because the first part seems to be exactly a 32-length long string of (maybe) random hex-chars (like in md5, but it could be also something completely different like half md5 + salt etc, j/k):
c0eb340c382c483309e8b784e7f88a05
The problem now is to identify and analyze the other parts and their meaning.
What you can do next is to test some variation of md5 (pass + salt), md5 (salt + pass) and/or some iterations of md5.
But first you should check if a salt is somehow involved by creating a new account (or if not possible just a password-change) and setting the password again to "password1". If the two hashes are identical than no salt is involved.
It could ofc also be that the username is somehow involved etc etc...
As atom said, nobody can said until someone reverses the algo or has luck and solves the puzzle without RE.
Code:
echo -n "wOs0DDgsSDMJ6LeE5/iKBQAAAABfQUxMAAAAIAAAACE=" | base64 -d | xxd -p
c0eb340c382c483309e8b784e7f88a05000000005f414c4c0000002000000021
This is interesting because the first part seems to be exactly a 32-length long string of (maybe) random hex-chars (like in md5, but it could be also something completely different like half md5 + salt etc, j/k):
c0eb340c382c483309e8b784e7f88a05
The problem now is to identify and analyze the other parts and their meaning.
What you can do next is to test some variation of md5 (pass + salt), md5 (salt + pass) and/or some iterations of md5.
But first you should check if a salt is somehow involved by creating a new account (or if not possible just a password-change) and setting the password again to "password1". If the two hashes are identical than no salt is involved.
It could ofc also be that the username is somehow involved etc etc...
As atom said, nobody can said until someone reverses the algo or has luck and solves the puzzle without RE.