Next message: Markus Friedl: "Re: SSHD Vuln Exploit X2"
The password looks like it's base64 encoded, but decoded it equals:
i°�<ÏAÛgc¤ :Å^Äi°�<ÏAÛgc¤ :Å^Äi°�<ÏAÝ
This looks fairly meaningless to me, so maybe the '==' on the end is meant
to trick people, or maybe it's encoded with something else before it's run
through b64. The latter would be my guess. Then again thereare repeating
patterns in there... it might be XOR encypted or something, try that.
HTH
Harry M
----- Original Message -----
From: "David Poston" <postondat_private>
To: <vuln-devat_private>
Sent: Friday, February 01, 2002 4:47 PM
Subject: hash of an DB??
>
>
> Hello all,
>
> I have been doing some Anti Virus evaluation this
> week and found something a little interesting on my
> server. I found the following:
>
> UserName=sa
> Password=f2mwBTzPQdtnY6QNOsVexH9psAU8z0H
> bZ2OkDTrFXsR/abAFPM9B3Q==
> UseNTAccount=0 HTTPPort=80 AgentHttpPort=8081
> ConsoleHTTPPort=81 MaxHttpConnection=1000
> EventLogFileSizeLimit=2097152 MaxSoftInstall=25
> Version=2.5.0.168
>
> Can this passwd be broken????
>
>
This archive was generated by hypermail 2b30
: Fri Feb 01 2002 - 10:09:07 PST