Password Hashing - Weird Algorithms, Salts, and Other Oddities
Here's some more worth adding since you're at it. Like half of those are unknown, though.

Sites
anilibria.tv
anime-planet.com
ashleymadison.com (login keys)
aternos.org
bit.ly
btc-e.com
cracked.to
daniweb.com
dropbox.com
edmodo.com (restoring bcrypt hashes)
idcgames.com
kickstarter.com
legendas.tv
mcbans.com
myrepospace.com
myspace.com
tokopedia.com

Web software
PrestaShop (list of known site + salt)
Minecraft (authme)
Reply
(November 14, 2022, 02:59 PM)Bliss Wrote: Here's some more worth adding since you're at it. Like half of those are unknown, though.

Sites
anilibria.tv
anime-planet.com
ashleymadison.com (login keys)
aternos.org
bit.ly
btc-e.com
cracked.to
daniweb.com
dropbox.com
edmodo.com (restoring bcrypt hashes)
idcgames.com
kickstarter.com
legendas.tv
mcbans.com
myrepospace.com
myspace.com
tokopedia.com

Web software
PrestaShop (list of known site + salt)
Minecraft (authme)


Good call. I'll add these later. Do you happen to know Daniweb? I've seen plaintexts before but never alongside their correct salt/pepper/algorithm.

Feel free to PM me a list of PrestaShop breaches if you have them. I was originally going to add it to the OP but I haven't seen many breaches with salts posted here. Those that I know of are ABFRL, Taklope, and XtremCam. Thanks for the reply.
Reply
Thank you! Very interesting information!
Reply
Adding for 8tracks, zynga, avvo, faveapp etc... would be nice as well

algo: SHA-1('--'.$salt.'--'.$pass.'--')
You can run 8tracks hashes with hashcat 4.0+.

1. Convert them to this format: hash:--salt--
2. Run them as -m 120 with the $-$- rule, or create an 8tracks.rule file whose only content is one row: $- $-
3. If you want to check only passwords shorter than 9 characters in exchange for higher speed, add the -O parameter
Reply
(November 15, 2022, 10:23 AM)Archive Wrote: Adding for 8tracks, zynga, avvo, faveapp etc... would be nice as well

algo: SHA-1('--'.$salt.'--'.$pass.'--')
You can run 8tracks hashes with hashcat 4.0+.

1. Convert them to this format: hash:--salt--
2. Run them as -m 120 with the $-$- rule, or create an 8tracks.rule file whose only content is one row: $- $-
3. If you want to check only passwords shorter than 9 characters in exchange for higher speed, add the -O parameter


Newer versions of Hashcat support this natively as -m 27200, but I'll add this anyway since it explains the algorithm :)
Reply
(November 15, 2022, 12:55 PM)God Wrote:
(November 15, 2022, 10:23 AM)Archive Wrote: Adding for 8tracks, zynga, avvo, faveapp etc... would be nice as well

algo: SHA-1('--'.$salt.'--'.$pass.'--')
You can run 8tracks hashes with hashcat 4.0+.

1. Convert them to this format: hash:--salt--
2. Run them as -m 120 with the $-$- rule, or create an 8tracks.rule file whose only content is one row: $- $-
3. If you want to check only passwords shorter than 9 characters in exchange for higher speed, add the -O parameter


Newer versions of Hashcat support this natively as -m 27200, but I'll add this anyway since it explains the algorithm :)

Ahh didn't know someone made a module for it now.
Reply
Dehashing is a cool hobby that nobody appreciates (even posters in this thread).

Respect.
Dark & Unclean
Reply
(November 14, 2022, 07:44 PM)God Wrote:
(November 14, 2022, 02:59 PM)Bliss Wrote: Here's some more worth adding since you're at it. Like half of those are unknown, though.

Sites
anilibria.tv
anime-planet.com
ashleymadison.com (login keys)
aternos.org
bit.ly
btc-e.com
cracked.to
daniweb.com
dropbox.com
edmodo.com (restoring bcrypt hashes)
idcgames.com
kickstarter.com
legendas.tv
mcbans.com
myrepospace.com
myspace.com
tokopedia.com

Web software
PrestaShop (list of known site + salt)
Minecraft (authme)


Good call. I'll add these later. Do you happen to know Daniweb? I've seen plaintexts before but never alongside their correct salt/pepper/algorithm.

Feel free to PM me a list of PrestaShop breaches if you have them. I was originally going to add it to the OP but I haven't seen many breaches with salts posted here. Those that I know of are ABFRL, Taklope, and XtremCam. Thanks for the reply.


For Daniweb:
md5(md5(md5($pass).$salt).$pepper)

Pepper is:
`"D"@n1'W'3b`
Reply
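An added example, not part of any post in this thread: the two fast constructions quoted above (the dashed SHA-1 and the nested MD5 with a pepper) shown next to a hardened form, where a site wraps each stored legacy digest in scrypt so the fast digest is no longer what sits in the database. Function names, record layout and cost parameters are assumptions, and hex-encoded intermediate MD5 digests are assumed (PHP-style).

```python
import hashlib
import hmac
import os

# Hypothetical helper names; digest layouts follow the formulas quoted in the thread.

def sha1_dashed(salt: str, password: str) -> str:
    """SHA-1('--' . salt . '--' . password . '--'), hex-encoded."""
    return hashlib.sha1(f"--{salt}--{password}--".encode()).hexdigest()

def md5_triple(salt: str, password: str, pepper: str) -> str:
    """md5(md5(md5(pass) . salt) . pepper); assumes hex intermediates."""
    inner = hashlib.md5(password.encode()).hexdigest()
    middle = hashlib.md5((inner + salt).encode()).hexdigest()
    return hashlib.md5((middle + pepper).encode()).hexdigest()

def _stretch(data: bytes, kdf_salt: bytes) -> bytes:
    # Memory-hard KDF; cost parameters are illustrative, tune them per deployment.
    return hashlib.scrypt(data, salt=kdf_salt, n=2**14, r=8, p=1, dklen=32)

def wrap_legacy(legacy_hex: str) -> dict:
    """Offline upgrade: store scrypt(legacy digest) and discard the fast digest."""
    kdf_salt = os.urandom(16)
    return {"kdf_salt": kdf_salt, "digest": _stretch(legacy_hex.encode(), kdf_salt)}

def verify_wrapped(record: dict, candidate_legacy_hex: str) -> bool:
    """Stretch the legacy digest of the login attempt and compare in constant time."""
    candidate = _stretch(candidate_legacy_hex.encode(), record["kdf_salt"])
    return hmac.compare_digest(candidate, record["digest"])

if __name__ == "__main__":
    # Constructed sample account, not taken from any data set.
    stored = sha1_dashed("constructed-salt", "correct horse")
    record = wrap_legacy(stored)
    print(verify_wrapped(record, sha1_dashed("constructed-salt", "correct horse")))
    print(verify_wrapped(record, sha1_dashed("constructed-salt", "wrong guess")))
```

Records wrapped this way can be rehashed to plain scrypt of the password at the user's next successful login.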
(November 14, 2022, 02:59 PM)Bliss Wrote: Here's some more worth adding since you're at it. Like half of those are unknown, though.


kickstarter.com



Ruby on Rails Restful-Authentication
-m 19500 mode in hashcat
Elections without choice
Courts without justice
Police without honor
An army that is the aggressor
Parliament without debate
Business without competition
Media without truth
Sport without symbols
Church without God
A president without morals
A country without a future
Reply
How can you find the salt or pepper in a database? I was looking at one that I have an account with, so I know one username/password combination. I just don't know how to figure out how to find the salt with that and didn't see it listed in the database! Anyone know?
Reply

