Strength said:Thanks, found 30m from the dump.
ImSoPro said:Strength said:Thanks, found 30m from the dump.
How did you do it?
I can't find a way to solve it!
Daniel said:ImSoPro said:Strength said:Thanks, found 30m from the dump.
How did you do it?
I can't find a way to solve it!
Lol pretty sure he's trolling you. Even though he decrypted it he doesn't has the login username/email (unless you dumped something else in the forum)
Aceo said:crypter.co.uk or sumtin?
Crin said:Since the software will need to be able to get the password back from that, it's not a hash of any kind. The sites listed above won't help. A good resource I use for determining hash types is this: http://www.insidepro.com/hashes.php
I did a bit of searching and I can't find any solid information on the precise encryption it uses. It's either SHA-1 or DES, possibly using the MAC address as a key. I've also heard the decryption might be done server side now, but there's a lot of different things being said.
If it's written in java (.jar file) then I can try and decompile the source and see what's going on. It might be obfuscated though, so no guarantees there.
ImSoPro said:Crin said:Since the software will need to be able to get the password back from that, it's not a hash of any kind. The sites listed above won't help. A good resource I use for determining hash types is this: http://www.insidepro.com/hashes.php
I did a bit of searching and I can't find any solid information on the precise encryption it uses. It's either SHA-1 or DES, possibly using the MAC address as a key. I've also heard the decryption might be done server side now, but there's a lot of different things being said.
If it's written in java (.jar file) then I can try and decompile the source and see what's going on. It might be obfuscated though, so no guarantees there.
The saved usernames/password/pins is not in a .jar file, but an .ini file. Do you want the .ini file?
Anyway, EpicBot itself is a .jar.
ImSoPro said:I have theirs HWID and I have access to their computers.
Crin said:Their source is obfuscated using Allatori (http://www.allatori.com/) so I can't see the decryption/encryption method.
All I can tell you is it's hardware based. It could use one or more of many hardware based identifiers as there's no standardised HWID algorithm. It could also use the PC name, current username, etc as part of the key.
If I get time I'll look in to it further tomorrow.
Haywire said:ISP, why don't you just wait till they log-in, and take the keylogger ?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?