Cracking spammer hashes
#1
Hello all, not sure if this is something allowed on the forums so if not feel free to delete it. Given the oclGaussCrack efforts I thought people might be open to it.

I have been doing some research on spammers and their infrastructure, and I have come across a few web shells they are using to access compromised boxes. These web shells use MD5 auth, with the hash embedded in the shell.

I have taken a shot at cracking these, but so far unsuccessfully. If people are amenable to this sort of thing I can post the hashes from the shells I've found.
Reply
#2
Why don't you modify the shells to email you the password as soon as someone logs into it?
Reply
#3
(10-22-2014, 09:23 PM)undeath Wrote: Why don't you modify the shells to email you the password as soon as someone logs into it?

Smile yes I have had similar thoughts, however these are not my machines; they are compromised sites that have been made to serve spam/phishing sites. While I almost certainly could get access to these machines the same way that the spammers did to make such a change, I believe doing so would be illegal, and as such I have refrained.
Reply