| 1 |
@licho:
|
1 |
@licho:
|
| 2 |
\n
|
2 |
\n
|
| 3 |
passwords in uberserver db are stored as they are sent from clients which is basicly plaintext:
|
3 |
passwords in uberserver db are stored as they are sent from clients which is basicly plaintext:
|
| 4 |
\n
|
4 |
\n
|
| 5 |
clients send the password md5 hashed and then converted to base64.
|
5 |
clients send the password md5 hashed and then converted to base64.
|
| 6 |
\n
|
6 |
\n
|
| 7 |
there are a lot of online md5 online password decryptors, so you could even recover the originial password easily. but if you have the base64 string from the uberserver db, you can easily use it to login as this is what is used as password.
|
7 |
there are a lot of online md5 online password decryptors, so you could even recover the originial password easily. but if you have the base64 string from the uberserver db, you can easily use it to login as this is what is used as password.
|
| 8 |
\n
|
8 |
\n
|
| 9 |
\n
|
9 |
\n
|
| 10 |
basicly what we use/have in lobby protocol is plaintext, md5 doesn't protect the original password nor does the protocol prevent sth. like a "replay attack" (=send the sniffed data again)
|
10 |
basicly what we use/have in lobby protocol is plaintext, md5 doesn't protect the original password nor does the protocol prevent sth. like a "replay attack" (=send the sniffed data again)
|
| 11 |
\n
|
11 |
\n
|
| 12 |
if zero-k is using the base64/md5 password to store it in db its equivalent plaintext, too.
|
12 |
if zero-k is using the base64/md5 password to store it in db its equivalent plaintext, too.
|
|
|
13 |
\n
|
|
|
14 |
(very likely i wrote a short version of this)
|
electric sheepsploit