Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Determine Salt used by MySQL in root'd server
Jun 12 2011 08:00AM
Voulnet (voulnet gmail com)
Hello folks, I'm doing a pentest on a server, and I got root access
through a Joomla web app, I got a dump of the jp_users table in MySQL,
however the passwords are obviously hashed and salted. I honestly
don't expect the passwords to be strong, so they can be bruteforced,
md5-looked up easily. Howe...
[ more ]
Copyright 2010, SecurityFocus