How to Double Dutch (PHP)

[QUOTE=Moonbat;22625]Saudi Arabia has some good hackers, one of them could be targeting us. After this whole Saudi thing, I changed my pw up big time.[/QUOTE]

I just changed mine to be secure. Now, it's related to one of my favourite quotes, so I shouldn't need to look at passwords.txt every time I log in.

Just for the record though, we could own all mid-eastern hackers. The most I've seen coming from there are the Turkish kiddies defacing sites proclaiming their patriotism and that they rule us all. That's pretty far from Saudi Arabia though.

The other sort of 'hacking' communities I've seen are the wannabe terrorist groups. These probably produce such successes as the recent 'attacks' here in England/Scotland. Self-pwnage.

Ha, no.

It's sad that they kill themselves in the name of their delusions, but it's hard to feel pity for someone who may hijack your next flight and turn it into a raging inferno.

We should seriously boot these terrorist bastards off our internet. Maybe that'll be my next project: internet vigilantism.

[QUOTE=SyntaX******;22627]Are you giving up before posting the hash? :rolleyes:

Your making it sound like its an easy crack. Want to switch roles in the challenge? I give you the two hashes and you give me my password.[/QUOTE]

Actually, I'm too lazy to rehash. :rolleyes: And I suck at coding.

I really just want to see the code.

I think I need a big vacation from forums like SyntaX took to learn more...

This entire thread was to demonstrate that using the Double Dutch method does not further help secure a password. :mad:

Someone, anyone, follow the rules and throw two hashes at me.

The rules themselves are the undoing of this test. No #, (, @, or anything else, only 5 char passwords. Ideally, the attack has no idea of the length or composition of a password.

[b]The rules were created to lessen the actual crack time[/b]

The password could be *0,20,50 characters long but it would take longer to crack. If you add more possible characters combinations this only ads to the cracking time.

These two variables have nothing to do with Double Dutch. Again, this post is to prove that the Double Dutch method does not further secure a password. There is no correlation between what you are saying and double dutch.

Aight well, I did a totally new method, so these hashes will be different from the ones I posted earilier. But rest assured, they are still following your rules.

[CODE]My Hash - *e0*fb4**70da6adb7a*2a*d54e48ac2
Your Hash - bd*de5d78f*ecf75*0f885edf7a7f*ef[/CODE]

But after you prove me wrong, please release your code, I needz0r it! :p

Ok. Found your hashing method: [url=http://www.syntax******.info/img/proof_*.jpg] Proof [/url]

It took me *0 seconds to find your hashing method as you can see in the image I provided. You may ask what the hell 0:*:*:0:0:* is right?

0=MD5
*=SHA*

So your method of hashing the password is as follows:
[code]md5(sha*(sha*(md5(md5(sha*("aa"))))))[/code]

On to cracking the password... :cool:

It was pretty easy, only 6 times, *0 less than my previous hashing method. But no matter what, you would've found out how many times and in what order I hashed the password. After all, if it took you *0 secs to find that, you easily could've found my original one in less than * minute.

It will take a maximum of 27 hours to crack the password using 6 hash over hashes, so I will post back once my CPU catches fire, or the password is cracked. I have the computer opened up with fans blowing directly on the processor so hopefully it will make it that through the night running at *00% CPU.

You should turn off some of your unneccesary processes, if you have any running.

Nope, just php at *00% - Its an older AMD processor but will eventually get the job done.

[QUOTE=SyntaX******;22654]It will take a maximum of 27 hours to crack the password using 6 hash over hashes, so I will post back once my CPU catches fire, or the password is cracked. I have the computer opened up with fans blowing directly on the processor so hopefully it will make it that through the night running at *00&#*7; CPU.[/QUOTE]

Are you sure that [b]you[/b] will make it through the night? It's an obvious fire risk.

What if you had a cat/dog in your house, and it licked the open computer mother***rd? What if it spilled the [copious amounts of] coffee on your desk onto the open computer?

Well, don't say we didn't warn you. You might want to write out a will though.

I have to say, when someone challenges you, you never seem to give up.

SyntaX is stubborn :rolleyes:

I told him I'd admit defeat if he just gave out the code for generating every possible Double Dutch combo (from 2 times to 20) of a ASCII string, cus after all I just wanna learn in the end, but he insists on winning fair and square.

But by some miracle he doesn't win, he'll have wasted all his time, wasted electricity, and I'll be seeing a nice little sticky from him named "PWNED BY MOONBAT" and dead animals

P.S. - The reason I <* dead animal pics so much is because the first time I ever defaced a site (milw0rm 'sploit, PHP-Fusion CMS site for some Counter-Strike clan) I posted a pic of a dead dog hanging from a tree. Yes, it's morbid. No, I don't care how sick you think I am. :)

I would consider myself more persistent. Stubborn hangs on to a negative connotation. The only reason I'm really being "persistent" with this case is because I have never actually tried to crack a password. I have no reason to, nor will every have any reason to. In theory, it works out in my head so I not only am proving it to you, but also to myself. I have lots of theories that should work, but have never been tested.

Well, nevermind thats a bunch of BS. I just cant wait to see Moonbats version of justgotowned.com posted on youtube. I cant let him get out of this one!

[QUOTE=Moonbat;22666]
P.S. - The reason I <* dead animal pics so much is because the first time I ever defaced a site (milw0rm 'sploit, PHP-Fusion CMS site for some Counter-Strike clan) I posted a pic of a dead dog hanging from a tree. Yes, it's morbid. No, I don't care how sick you think I am. :)[/QUOTE]

I've just realised that I've never defaced a site. Perhaps that's a good thing, or perhaps a bad thing.

See here:

[url]http://tinyurl.com/yvsxh[/url]























If you looked at that pic and thought "there's ol' goatse again" without being offended at all, or even admired the great feat of anus-stretching, you are desensitised to the internet.

I'm desensitised, but I don't think I'm 'sick'.

I don't know what qualifies as sick. Perhaps you are sick.

I'm in such a weird mood that I feel like posting some Youtube videos:

My favourite music video (serious):

[url]http://*****************/watch?v=ABqh*N-Mw5E[/url]

My favourite 'spot the difference' video (non-serious):

[url]http://*****************/watch?v=xCvhDPq6mBI[/url]

Meme *:

[url]http://*****************/watch?v=upvweQDrd5c[/url]

Meme 2:

[url]http://*****************/watch?v=oHg5SJYRHA0[/url]

Meme *:

[url]http://*****************/watch?v=EwTZ2xpQwpA[/url]
[url]http://*****************/watch?v=caIBKOztlAo[/url]
[url]http://*****************/watch?v=*oFS-q8BIps[/url]
[url]http://*****************/watch?v=JNEgr6ua6VQ[/url]

Welcome to the internet.

By the way, if it's time to concede defeat (actual purpose of thread):

[url]http://moonbat.justgotowned.com/[/url]

Edit: justgotowned is down.