How to decode Yahoo password?

How to decode Yahoo password?
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
How to decode Yahoo password? tuanma78 07-17-2005
Posted by tuanma78 on July 17, 2005, 9:59 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi all!

I've got a soft that capture the Yahoo session like:

"http://login.yahoo.com/config/login?.tries=3&.
src=ym&.md5=&.hash=&.js=1&.last=&promo=&.intl=us&.bypass=&.partner=&.u=40avnjt1da3t7&.v=0&.challenge=gJHnjP93jlYiEyzbwnYDOBQNrmn5&.y
plus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=1&.chkP=Y&.done=http%3A//mail.yahoo.com&login=test123&passwd=9c207190bd41430c9157fc5c
a8a84d57&.persistent=&.save=1&.hash=1&.md5=1"

Can anyone know how to decode the passwd hidden under
"&passwd=9c207190bd41430c9157fc5ca8a84d57&" ???

Thanks and regards

Tuanma.


Posted by JaviZ on July 20, 2005, 8:12 am
If you were  Registered and logged in, you could reply and use other advanced thread options
I don't know the code behind yahoo servers but IMHO it can not be
decryped... well, at least not easily! :)

Why? You are sending the result of a hash function applied on your
passowrd. A hash function is a one way function (it can not be
reversed)... It _seems_ yahoo is using MD5 (128 bits) (according to
your posted URL).

More info about this:
http://en.wikipedia.org/wiki/Hash_function

BTW: the hashed password is passwd=9c207190bd41430c9157fc5ca8a84d57
(without the &), now you should decode every pair of chars (hex code)
into binary to get the "real" MD5 hash code, so you get the 128 bits...
For example: 9C (Hex) is 156 (dec), 10011100 (bin), these are your
first 8 bits, you can get the rest! :)
Anyway if i'm correct and this is a MD5 hash you won't do anything
useful with this...

Just for fun i will try to crack it for you! Well, to tell the truth i
will try hashing words and compare them with your posted hash...
I will try using some dictionary (306000 words), and will add 2 numbers
(00..99) at the end, and also i will play mixing caps and reversing
it...

tic...tac...tic...tac... (around 30 minutes later)

Nothing!!!! your only hope now is using brute force on it. I don't
recomend this method even if this is the old MD5 alg., with just 128
bits... it will take too much computer cycles!!!! But of course it will
depend on how important it is that "information" :)

Warmly,
Javier Echaiz


tuanma78 wrote:
> Hi all!
>
> I've got a soft that capture the Yahoo session like:
>
> "http://login.yahoo.com/config/login?.tries=3&.
>
src=ym&.md5=&.hash=&.js=1&.last=&promo=&.intl=us&.bypass=&.partner=&.u=40avnjt1da3t7&.v=0&.challenge=gJHnjP93jlYiEyzbwnYDOBQNrmn5&.y
>
plus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=1&.chkP=Y&.done=http%3A//mail.yahoo.com&login=test123&passwd=9c207190bd41430c9157fc5c
> a8a84d57&.persistent=&.save=1&.hash=1&.md5=1"
>
> Can anyone know how to decode the passwd hidden under
> "&passwd=9c207190bd41430c9157fc5ca8a84d57&" ???
>
> Thanks and regards
>
> Tuanma.



Similar ThreadsPosted
Yahoo URL September 14, 2008, 9:20 pm
BOOTING YAHOO January 16, 2005, 12:41 pm
Crackers In Yahoo Groups December 14, 2004, 5:50 am
New Yahoo! IM Worm Emerges May 23, 2006, 3:16 pm
Yahoo worm in email! June 12, 2006, 11:42 am
Yahoo gets 'Paranoid' about IT security March 24, 2007, 3:25 pm
SquiggleSR : fox Google and Yahoo! February 10, 2008, 4:15 pm
Yahoo mail -- Virus? Phishing? December 16, 2004, 9:49 pm
Yahoo Follow-up Last Updated: 2007-07-08 19:15:56 UTC July 8, 2007, 3:53 pm
Yahoo sites hit by availability problems July 8, 2007, 3:46 pm

The site map in XML format XML site map

Contact Us | Privacy Policy