Page 4 of 6 FirstFirst 123456 LastLast
Results 46 to 60 of 85

usko database rehacked

This is a discussion on usko database rehacked within the General Chat forums, part of the Knight Online (ko4life.com) category; like alot of things, just takes time ;/...
Page: 4


  1. #46
    userbin
    Guest

    Default

    like alot of things, just takes time ;/

  2. #47
    priestish
    Guest

    Default

    Originally posted by Festo
    Well it used to be plain text but in january, a memo was sent to everyone. Which stated what desired additions we would like;

    Desired Additions
    • Expand game chat limit for game masters to 256.
    • Add more levels of gm privileges. *
    • Detailed GM command list
    • Recompile Knight tools so that our version of our tool is unique only to USKO. *
    • Encrypt the game database password and account ID fields.
    • New boss - We need detailed requirements to design these boss’s ourselves. *

    So *
    B)
    I am sad that it took 2 years to realized encrytion is good. TBH, any high school who taken 1 year of computer class could tell you to encrypt/hash your password file. I am pretty sure devile either assumed you did or told you.

    Just clarify one thing, encryption preserve order while hash does not. Normally hash is one way, which means once you hash something, there is little to noway to get it back. To bruteforce... let do a quick math. Let say your hash is constant time which means very fast. A 12 character pwd would be 12 * 8 bits = 96 bits. So it would take atmost 2^96 tries. Lets say you have fast computer, can do 1024 per second (2^10 per sec). 2^96 / 2^10 = 2^86 seconds. Which is about 2^86 / (3600 * 24 * 7 * 52) = 2,460,166,503,082,273,452.8 years. Lets assume that k2 is smart and concat password and ID#, (note this is called seeding and is used in linux systems). ID# is probably 32 bits integer so 96 + 32 = 128 bits.

  3. #48
    Doc
    Guest

    Default

    Decyphering a MD5 hash isnt as hard as ppl think, dont forget that ppl have been working on doing this for years already.

  4. #49
    Zulkir
    Guest

    Default

    is there any difference between a bank db and a game db, regarding the global internet protocols, laws,ethics.morals..etc?

  5. #50
    Senior Member
    Join Date
    Mar 2006
    Posts
    1,554

    Default

    Originally posted by Zulkir
    is there any difference between a bank db and a game db, regarding the global internet protocols, laws,ethics.morals..etc?

    i believe bank have better security than k2

  6. #51
    Senior Member festo's Avatar
    Join Date
    Mar 2006
    Location
    England
    Posts
    2,820

    Default

    Originally posted by Flippy+--><div class='quotetop'>QUOTE(Flippy)</div>
    <!--QuoteBegin-Zulkir
    is there any difference between a bank db and a game db, regarding the global internet protocols, laws,ethics.morals..etc?

    i believe bank have better security than k2[/b]
    lol u better hope they do otherwise im withdrawin all my money

  7. #52
    Zulkir
    Guest

    Default

    it is obvious..but once we talk about real money (and it is your own money in your bank account) people become serious..in the other hand we are talking about just a game. in fact there isnt anything under our ownership according to K2 policy...

  8. #53
    priestish
    Guest

    Default

    Originally posted by Doc
    Decyphering a MD5 hash isnt as hard as ppl think, dont forget that ppl have been working on doing this for years already.
    You are right, it is not hard, just takes a few thousand eons. Infact, it is probably faster to create a fuctional time machines to travel into the future to get the pwd.

  9. #54
    Senior Member
    Join Date
    Mar 2006
    Posts
    1,554

    Default

    Originally posted by Doc
    Decyphering a MD5 hash isnt as hard as ppl think, dont forget that ppl have been working on doing this for years already.


    decrypt md5? we cant even talk about decrypt cuz its not an encypted code but an hash...

  10. #55
    Doc
    Guest

    Default

    Lets just say that I have already had look at certain pieces of software ( talking over 20gb's worth ) that contain already cracked MD5's simply enter the hash and bingo, for the more simple PW's it's already been done.



    Simple solution now days is to make a pass phrase instead of word, you think a lot of ppl have done this????

  11. #56
    Senior Member
    Join Date
    Mar 2006
    Posts
    1,554

    Default

    Originally posted by Doc
    Lets just say that I have already had look at certain pieces of software ( talking over 20gb's worth ) that contain already cracked MD5's simply enter the hash and bingo, for the more simple PW's it's already been done.



    Simple solution now days is to make a pass phrase instead of word, you think a lot of ppl have done this????

    i believe this prog is just a database with many easy password and their md5 hash then it try to look into the db if the pw is know , nothing more

    and as i said ,its not decrypt

  12. #57
    Doc
    Guest

    Default

    Just saying that it isnt as safe as ppl think it is + I agree with earlier point that K2 prolly keep a clr text format for PW's and ID's knowing them zzzzzzzz

  13. #58
    Senior Member
    Join Date
    Mar 2006
    Posts
    213

    Default

    Oke... see you ... man ...
    And ffs i doubt k2 received email and answered on MSN...
    C'mon guys

    /delete

  14. #59
    priestish
    Guest

    Default

    Originally posted by Doc
    Lets just say that I have already had look at certain pieces of software ( talking over 20gb's worth ) that contain already cracked MD5's simply enter the hash and bingo, for the more simple PW's it's already been done.



    Simple solution now days is to make a pass phrase instead of word, you think a lot of ppl have done this????
    .... wait, you are saying, if you know the pwd, you can generate the md5 hash to get back the pwd.

    I think you are getting serial number mix up with MD5. Serial numbers are a proof of purchuse which is easy to fool. MD5 is a signiture of a string of bits. Every string has its own signiture. For sake of arguement, MD5 is one way. Once hashed, it stay hashed. Kind of food, after you digest food and take a shit. No matter how much shit you shove up your ass, it ain't come up out as food.

  15. #60
    Doc
    Guest

    Default

    no i am saying that the hash can be broken down into plain text form. LMFAO with your shitty explanation though nice one

    Yes it is a string of bits so is everything but it has to remain the same so that when it is read at other end it reads the same every time in plain text.

Page 4 of 6 FirstFirst 123456 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •