Viewing a single comment thread. View all comments

sudo wrote

Interesting, all of the hashes start with "$P$B". Is that supposed to be a salt? They know they're supposed to concatenate the salt and the password before putting it through the hash function, right...

Does anyone recognize what hash function they used?

1

ymir OP wrote

So it is definitely wordpress and I think the salt is in the second link in the wordpress config file.

2

ymir OP wrote (edited )

Here is from the wp-config.php:

define('SECURE_AUTH_KEY',  '5v[9(}B-UfT^szR5}ri?Bhj([2Apa#5kRal`iEh^Hv~u2mH5 0zjLe({Dd>RE_A8');
define('LOGGED_IN_KEY',    ';&BBDP8]9f,cJd?L+&/xAQ#lY;?B8S]Luju|&&~=e,-o7@tK_CU^~^.B2ssnVL*n');
define('NONCE_KEY',        '`|9Ofp9&N|aa9cE]D`6CId6Iqo+e+m%L Uxm#-VDV#*+pW<6!KU<Nx&n5Jq$%=FO');
define('AUTH_SALT',        'f0Uu0[cKX9]19g?#s<%)}>T?+(K:E/^}W$mHYWjaew>lSL_rnN@r=ALX::;U-t+C');
define('SECURE_AUTH_SALT', '7}P>3E6k%I&crsNb/8bpQI3y8=p:;G>.T24j4&EQaeMN!>,m+DoZ4xy75GFPs~ F');
define('LOGGED_IN_SALT',   'TJG`#D<!kj+(pU*%F}pp-wYO:2kli*Q9o9n5qBL6gI@~+MIMnuHBK7/6W$=f#gzq');
define('NONCE_SALT',       '2|Mp[AT{H$m_^WXD/AR$_WHf;%T@4PsT~>P)*QWX3bXu<gWbp,fxb+^WcD@Sg.a]'); ```
1

dele_ted wrote

What happened to all of this? Did you manage to crack the hashes? Shouldn't be too difficult, the configuration looks like a mess, and you have all the information from wp-config.

1