[AusNOG] ABC Website Hacked

Giles Pollock glp71s at gmail.com
Wed Feb 27 14:43:07 EST 2013


Looks like SHA1, some of the hashes match SHA1 rainbow tables if you do a
quick google search... Hope ABC is locking down and letting people know to
change their passwords on other services...

On Wed, Feb 27, 2013 at 2:40 PM, Damian Guppy <the.damo at gmail.com> wrote:

> However if they are using a common unsalted hash like MD5 then it is
> trivial to use a rainbow table to get the passwords in seconds.
>
> --Damian
>
>
> On Wed, Feb 27, 2013 at 11:39 AM, Noon Silk <noonslists at gmail.com> wrote:
>
>> On Wed, Feb 27, 2013 at 2:18 PM, Tim March <march.tim at gmail.com> wrote:
>> >
>> > [...]
>> >
>> > I haven't looked at the dump but I won't be surprised if the passwords
>> are
>> > trivially decryptable if they're encrypted at all. 1Password is your
>> friend.
>>
>> So-as to prevent continued mis-use of language here; hashed passwords
>> can't be "decrypted". It is only possible to find another string which
>> hashes to the same value.
>>
>>
>> > T.
>>
>> --
>> Noon Silk
>>
>> Fancy a quantum lunch? https://sites.google.com/site/quantumlunch/
>>
>> "Every morning when I wake up, I experience an exquisite joy — the joy
>> of being this signature."
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130227/b3a6b7eb/attachment.html>


More information about the AusNOG mailing list