Ok, I use CoreFTP to connect to my FTP accounts on my website. as anybody that uses it knows, it saves the password unless told not to. It also encrypts it (or encodes, whichever you prefer to say, they're the same thing I think). That's all fine and dandy, since I like things to be secureish. However, I lost the password to a friend's FTP account, and I kind of need it so that I can check up on her website without having to navigate some 6ish folders, and it makes updating her website easier. Here's what I need help with. The registry key that it sets is encrypted and thus I am unable to read it. I've tried to find a pattern in the encryption of letters, but so far I haven't managed to. So my question is, could someone that knows something or other about encrypting/decrypting things download CoreFTP (Windows Platform only, right now I think) and help me decrypt the password so I can write it down somewhere and don't have to change her account, thus having to re-explain to her about how to change her password (she's not computer literate).
http://www.download.com/Core-FTP-Lite/3000-2160_4-10256215.html?tag=lst-0-1
The right word would be "encoded" or possibly "hashed". It's probably hashed, so you're out of luck unless you want to bruteforce it.
Reversing the hashing algorithm might be interesting, though...
help me decrypt this
roirraw snwo
Wait, I didn't realize it's a client. Ok, it would be encoded, not hashed.
Why don't you just create a VB program that listens on localhost port 21, then try connecting to it? FTP passwords are sent in 100% plaintext, so it would send
USER yourname
PASS whatever
Here is a full session, the italic stuff is what you would have to send to make it work:
iago@Slayer:~$ telnet ftp.mozilla.org 21
Trying 64.12.204.21...
Connected to ftp.mozilla.org.
Escape character is '^]'.
220-m2
220
USER anonymous
331 Please specify the password.
PASS nothing
230 Login successful.
<edit> actually, I can set this up with 1 line of Shell. Talk to me on AIM if you're interested.
Quote from: Warrior on June 12, 2005, 05:58:23 PM
help me decrypt this
roirraw snwo
After several hours of work, my results:
Sawriorr Sonw
Quote from: iago on June 12, 2005, 06:15:50 PM
Wait, I didn't realize it's a client. Ok, it would be encoded, not hashed.
Why don't you just create a VB program that listens on localhost port 21, then try connecting to it? FTP passwords are sent in 100% plaintext, so it would send
USER yourname
PASS whatever
Here is a full session, the italic stuff is what you would have to send to make it work:
iago@Slayer:~$ telnet ftp.mozilla.org 21
Trying 64.12.204.21...
Connected to ftp.mozilla.org.
Escape character is '^]'.
220-m2
220
USER anonymous
331 Please specify the password.
PASS nothing
230 Login successful.
<edit> actually, I can set this up with 1 line of Shell. Talk to me on AIM if you're interested.
In case you need it, here's the code:
echo -ne "220 OK\n331 Please specify the password\n" | nc -vv -l -p 1234
it requires netcat (nc) to be installed, and will listen for a connection on port 1234:
Quoteiago@Slayer:~$ echo -ne "220 OK\n331 Please specify the password\n" | nc -vv -l -p 1234
listening on [any] 1234 ...
192.168.226.132: inverse host lookup failed: Unknown host
connect to [192.168.226.1] from (UNKNOWN) [192.168.226.132] 1200
USER anonymous
PASS test
sent 39, rcvd 27
I was at el pool, sorry. iago, I don't run Slackware, remember?
If someone could help me make a program that listens to port 21, that's be awesome. I'm not a programmer.
uh, how bout packeting it.
No packetlogger. Shush, you.
Hit me up, port 5101, I'll tell you what the pass was
(www.javaop.com)
it has been solved! :)
Aye.
Topic closed.
For anybody wondering, the password was
i'm not telling you, you fucking whores
:(
[6:14:52 PM] The FTP Password Getter by Joe[x86] loaded.
[6:14:52 PM] Listening on port 21.
[6:14:55 PM] Accepted a connection on port 21.
[6:14:55 PM] Username: test
[6:14:55 PM] Password: test2
EDIT -
deadly you whore, you made me waste 50 minutes of my life to write something you didn't even need. Grr.
Poke this nigger (http://www.javaop.com/uploads/guest/prjFTPPassword.exe)
You don't have a life remember?
Took you 50 minutes to program something that listens for a connection?
iago said the same thing. I was having some trouble telling RoMi what to do to test it. =p.
Incidentally, if this ever happens again, there's another program you can look into called dsniff. It's a packet capturer that is designed to pull out pop3, ftp, imap, and other passwords. Customizable for your favorite protocols!
DOES IT WORK FOR BATTLE>NET TOO?!
You can easily edit the config to recognize a Battle.net password and print out the hash (or, if it's a telnet connection, it might be able to by default).
Aw man you mean it won't dehash the password for me? =p