Any way to decrypt a whirlpool encrypted username?
#1

Hey, a gamemode that i'm using uses whirlpool ( dont know the gamemode name anymore ). for encryption for usernames?
I dont know why that is, but i found someone with a lot of money without any reason, so i want to ban him, but its a whirlpool encrypted username.

Is there any way to decrypt this?


Thanks..
Reply
#2

hashing any data is not meant to be decrypted - its a 1-way ticket.
when you know the playername, hash it using whirlpool, and use the output as reference. if any filename matches the (hashed) output, you found the playerfile.
another way is a bruteforce attack, but somehow i doubt that it will succeed
Reply
#3

Quote:
Originally Posted by Babul
Посмотреть сообщение
hashing any data is not meant to be decrypted - its a 1-way ticket.
when you know the playername, hash it using whirlpool, and use the output as reference. if any filename matches the (hashed) output, you found the playerfile.
another way is a bruteforce attack, but somehow i doubt that it will succeed
Ehmm, what if i have around 200 people that are registered on my server?
Reply
#4

Ehmmm..i don't get it, do u have hashed player accounts files or what?
Reply
#5

... then youll need 200x longer. jk, its a waste of time to think about cracking whirlpool.
do you know which callback/function/stock is responsible for hashing the names? you need to know the stringlenght of the output, and maybe the salt - its all in the script. find it.
as soon you know the playername (the one which is readable), then simply let the script encrypt it, and write down the hashed result.
how to get started doing all this?
some assumptions first:
-the players name is "idiot", and the (unknown)...
-hash is "0f5a165c"

so, you want to delete ONE file which holds the playerdata?
ill tell you how i would face this:
-MAKE A COMPLETE BACUP. NOW!
-use your local home server only (to avoid deleting the "real" server files accidently)
-delete (move to a save position) all player stats files.
-start your own SAMP, and use that players name "idiot".
-register yourself, the password is irrelevant btw. (if its stored in the same file)
-close SAMP, and have a look at the only file existing in your playerstats directory. its the same file as in the server! (from example above, it could be "0f5a165c.txt").
Reply
#6

Next Time make a Anti Moneyhack or when the Player is on the Server, ban him.
Reply
#7

I dont get it, why would you hash a user username?
Reply
#8

I am loooking for the donator as the partner I am the scriptor and scripted my server, is anyone interested ??
Reply
#9

Well, stop spamming here, and use this Topic: https://sampforum.blast.hk/showthread.php?tid=187229
Reply
#10

Quote:
Originally Posted by Blackazur
Посмотреть сообщение
Well, stop spamming here, and use this Topic: https://sampforum.blast.hk/showthread.php?tid=187229
That's a script request thread and he is not requesting a script, but asking help for something he already done. Learn to understand a thread.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)