Posts: 3
Threads: 1
Joined: Oct 2023
10-11-2023, 11:23 PM
(This post was last modified: 10-11-2023, 11:25 PM by mkali666.
Edit Reason: lib file
)
Hello
I am new here, and i may make mistakes.I read the rules.
I have 3 hashes i cannot identify.
i found them in a preconfig file,from a bin file dumped from a router.
816F268F75C2EB4C87CF2AA3886XXXXX
20C07BD6C54105D64DF1AD4E4AAXXXXX
C97767C86279E0424E83128107DXXXXX
Masked the ends, as the rules say.
Last one of them,is from user admin.
It is "digi", as it is written on the label.
Hashcat suggested that it should be md5, md4,and some others.
tried them all, hoping that digi would match for the last one, so to be sure what to do further.
Any ideas?
(I have the full dump from nand. i have all the files. in one config file,there was some line that pointed to a lib... ,reffering to the passwords.if needed,i can show you.)
Posts: 387
Threads: 1
Joined: Aug 2020
10-14-2023, 10:17 AM
(This post was last modified: 10-15-2023, 10:27 PM by royce.)
[Moderator note: Bad and incorrect answer - and clearly AI/LLM generated, which is against forum rules.]
The three hashes you provided are all MD5 hashes. This is evident from the fact that they all start with the string 816F268F75C2EB4C87CF2AA3886. The fact that you found the hashes in a configuration file from a router suggests that they may be passwords for administrative accounts. This could make them more difficult to crack, as administrators are more likely to use strong passwords.
You mentioned that you have the full dump from NAND. This means that you have all of the files from the router's storage. This could be helpful, as you may be able to find additional information that could help you crack the hashes. For example, you may be able to find a list of users or a password policy file.
Posts: 3
Threads: 1
Joined: Oct 2023
10-14-2023, 10:27 AM
(This post was last modified: 10-14-2023, 10:28 AM by mkali666.)
thank you marc1n for your answer
link to config file
this is the file.google drive uploaded.
about password policy, any idea what i should search for?
those hashes are for the 192.168.1.1 login.
that's why i know that one of them is "digi" because it works,and is marked on the back label.
since the admin user does not have access to wps,port forwarding, i assume that superadmin user,should have those.
i am looking to disable wps,and because this is isp's router,and they deleted those options(and also many more), i took it personally when they simply refused to help.
Posts: 387
Threads: 1
Joined: Aug 2020
(10-14-2023, 10:27 AM)mkali666 Wrote: thank you marc1n for your answer
link to config file
this is the file.google drive uploaded.
about password policy, any idea what i should search for?
those hashes are for the 192.168.1.1 login.
that's why i know that one of them is "digi" because it works,and is marked on the back label.
since the admin user does not have access to wps,port forwarding, i assume that superadmin user,should have those.
i am looking to disable wps,and because this is isp's router,and they deleted those options(and also many more), i took it personally when they simply refused to help.
I understand that you are frustrated that the ISP refused to help you disable WPS. However, it is important to remember that the router belongs to the ISP, and they have the right to dictate how it is configured.
Posts: 3
Threads: 1
Joined: Oct 2023
(10-14-2023, 10:52 AM)marc1n Wrote: (10-14-2023, 10:27 AM)mkali666 Wrote: thank you marc1n for your answer
link to config file
this is the file.google drive uploaded.
about password policy, any idea what i should search for?
those hashes are for the 192.168.1.1 login.
that's why i know that one of them is "digi" because it works,and is marked on the back label.
since the admin user does not have access to wps,port forwarding, i assume that superadmin user,should have those.
i am looking to disable wps,and because this is isp's router,and they deleted those options(and also many more), i took it personally when they simply refused to help.
I understand that you are frustrated that the ISP refused to help you disable WPS. However, it is important to remember that the router belongs to the ISP, and they have the right to dictate how it is configured.
You understood very well.
They have the right to dictate how it's configured,since they changed the firmware.
But i still want to find a way to discover the passwords.
I do not want to modify anything else,since they will want the router back at the end of the contract.
I will try again,this time with all the md5 variants available in hashcat.
Thank you for your time.
I will also wait for more opinions on the hashes in the meantime.
