Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: Myrddin

Which makes me wonder again. Why ask for the hash files if they can just get the passwords the old fashioned way?


125 posted on 07/25/2013 7:17:45 PM PDT by Black Agnes
[ Post Reply | Private Reply | To 117 | View Replies ]

To: Black Agnes
If you get the hash files, then you can use the rainbow tables to map a plain text ASCII password that will produce the hash. At that point, you have access to the account with the password through the front door. You get all the privileges accorded via the authentication and authorization applied to that user. Cookies and sessions work via the web interfaces. If you're really brazen, you can also change the password as most systems require presentation of the old password in the process of creating a new one.
131 posted on 07/25/2013 7:42:16 PM PDT by Myrddin
[ Post Reply | Private Reply | To 125 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson