Sign in to follow this  
Followers 0
Lockon

some Questions (basic)

7 posts in this topic

okay so im currently trying to hack the personal/teacher Login om my schools website.

ofcourse i started looking at the pages source, but the only thing i found was some random numbers and letters. i don't know anything about MD5 encryption, but i do know that i could be something like this? but then again if this is a Md5 encypted password, then i would still need a logon name, wich would make no sense? why would there be a Md5 encrypted password on a login with several login accounts?

heres is the "code"

aWQ9c2tpbiZhdXRoPTNlOTQ1OWE2NjgwNzE1MDQyOWM3ZTQ1NTcwMzdlZDNjJnBhdGg9YUhSMGNEb3ZMM2QzZHk1eWRXZDJZV1Z1WjJWMGMzTnJiMnhsTG1SckwweHBMMU5UVDB4dloybHVMbUZ6Y0ElM0QlM0Q

The source is here

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 
<!-- -*- html -*- -->
<html>

<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
<title>Log på med UNI•Login</title>
<script>
var cssFile = (screen.availWidth > 400)? "css/unilogin-standard.css":"css/unilogin-mobil.css";
document.write('<link rel="stylesheet" href="'+cssFile+'" type="text/css">');
</script>
</head>

<body OnLoad="document.query.user.focus()">

<div id="outside">
<div id="header">
<h1>UNI•Login</h1>
</div>

<table>
<tbody>
<form name="query" method="POST" action="https://login.emu.dk/" enctype="application/x-www-form-urlencoded">

<tr>
<td class="input">
<p class="null">

<input type="hidden" name="one" value="sso.emu.dk">
<input type="hidden" name="two" value="IGNORER">
<input type="hidden" name="creds_from_greq" value="1">
<input type="hidden" name="three" value="1">
<input type="hidden" name="four" value="a5">
<input type="hidden" name="five" value="GET">
<input type="hidden" name="six" value="sso.emu.dk">
<input type="hidden" name="seven" value="/unilogin/login.cgi">
<input type="hidden" name="relay_url" value="">
<input type="hidden" name="eight" value="aWQ9c2tpbiZhdXRoPTNlOTQ1OWE2NjgwNzE1MDQyOWM3ZTQ1NTcwMzdlZDNjJnBhdGg9YUhSMGNEb3ZMM2QzZHk1eWRXZDJZV1Z1WjJWMGMzTnJiMnhsTG1SckwweHBMMU5UVDB4dloybHVMbUZ6Y0ElM0QlM0Q=">
<input type="hidden" name="fr" value="NFR">
<input type="hidden" name="hostname" value="sso.emu.dk">
<input type="hidden" name="nine" value="1">
<input type="hidden" name="file" value="">
<input type="hidden" name="flag" value="0">
<input type="hidden" name="referer" value="https://www.rugvaengetsskole.dk/Li/Loginside.asp">
<input type="hidden" name="post_stuff" value="">
<input type="hidden" name="sess_re" value="0">
<input type="hidden" name="pre_sess_tok" value="1097409719">
<input type="hidden" name="first_kiss" value="1275420560-578233">
<input type="hidden" name="pinit" value="0">
<input type="hidden" name="reply" value="1">
<input type="hidden" name="create_ts" value="1275420560">


</p>

<label>Brugernavn</label>
<input type="text" name="user">

</td>
</tr>

<tr>
<td class="input">
<label>Adgangskode</label>
<input type="password" name="pass">
</td>
</tr>

<tr>
<td class="knapper">
<input type="submit" value="Log ind">
</td>
</tr>

</form>

<tr>
<td class="knapper">

<!-- Signatur login -->

<form id="digsig" name="queryOces" action="https://login.emu.dk//oces1/" method="POST"
enctype="application/x-www-form-urlencoded">
<p>
Du kan også logge ind med
</p>
<input type="SUBMIT" name="submitOces" value="Digital Signatur" style="cursor:pointer;">

<input type="hidden" name="one" value="sso.emu.dk">
<input type="hidden" name="two" value="IGNORER">
<input type="hidden" name="creds_from_greq" value="1">
<input type="hidden" name="three" value="1">
<input type="hidden" name="four" value="a5">
<input type="hidden" name="five" value="GET">
<input type="hidden" name="six" value="sso.emu.dk">
<input type="hidden" name="seven" value="/unilogin/login.cgi">
<input type="hidden" name="relay_url" value="">
<input type="hidden" name="eight" value="aWQ9c2tpbiZhdXRoPTNlOTQ1OWE2NjgwNzE1MDQyOWM3ZTQ1NTcwMzdlZDNjJnBhdGg9YUhSMGNEb3ZMM2QzZHk1eWRXZDJZV1Z1WjJWMGMzTnJiMnhsTG1SckwweHBMMU5UVDB4dloybHVMbUZ6Y0ElM0QlM0Q=">
<input type="hidden" name="fr" value="NFR">
<input type="hidden" name="hostname" value="sso.emu.dk">
<input type="hidden" name="nine" value="1">
<input type="hidden" name="file" value="">
<input type="hidden" name="flag" value="0">
<input type="hidden" name="referer" value="https://www.rugvaengetsskole.dk/Li/Loginside.asp">
<input type="hidden" name="post_stuff" value="">
<input type="hidden" name="sess_re" value="0">
<input type="hidden" name="pre_sess_tok" value="1097409719">
<input type="hidden" name="first_kiss" value="1275420560-578233">
<input type="hidden" name="pinit" value="0">
<input type="hidden" name="reply" value="1">
<input type="hidden" name="create_ts" value="1275420560">


</form>
</td>
</tr>
</tbody>
</table>

<div id="information">
<div id="reason">
<p>



</p>
</div>
<div id="husk">
<h2>Husk!</h2>
<p>
For at logge ud, skal du lukke browseren.
</p>
</div>

<script>
try {
if ( document.getElementById('reason').innerText.length > 10) {
document.getElementById('husk').innerText = "";
}
} catch (err) {}

try {
if ( document.getElementById('reason').textContent.length > 20) {
document.getElementById('husk').textContent = "";
}
} catch (err) {}

</script>

<p class="luft"><a href="http://support.emu.dk/uni-login/loginfaq.html ">Har du brug for hjælp?</a></p>
</div>

<div id="footer">
<img id="minilogo" src="images/unic-payoff-mini.jpg">
<img id="maxilogo" src="images/unic-web.gif">
</div>

<!-- THIS_IS:themisto.uif-server 3.3.3 -->

</div>
</body>
</html>

Link to the website is

Click On Uni login after entering this page

Link to the "Next" site

Here is the login page

i hope you guys can help me getting the right directions,

Btw i believe that the coding is Very poor,

the danes(danish ppl) have never been good at the techique ^^ haha

0

Share this post


Link to post
Share on other sites

You should probably not publicly speak about breaking into a system, it's just not really a smart idea. Aside from that, if you are going to attempt to break into it, it's probably worth learning a little bit before trying because that's absolutely not an md5 hash. It's obvious what it is, but since you're obviously doing something illegal and don't know what you're doing, you likely wont get much help here.

2

Share this post


Link to post
Share on other sites

well. haha, im quite messed up, actually i know that but, i guess...

Blah what ever im a newbie anyways hehe well thanks ^^

This thread can be closed now please :)

0

Share this post


Link to post
Share on other sites

Thats the first thing I learned, sql injection, to get a md5 from g0d user on nuke forums/sites.... very basic injection, but used to be very succesfull along with all the md5 tables out there to crack.... i've played alot with perl scripts and stuff over some time.... and have like the tiny'st of tiny understanding, but have had some successful attempts with some of them.... and when I mean some, I mean 1 per every like 1,000 aahah.... thats how clueless i am in alot of areas.... Someone tried teaching me how to use a c99 one time.... ya... that one went out the window..... but MD5 i was pretty good with only with nuke and vWar....

Youtube honestly teach you many neat tricks, but watch for the bull skitters.

0

Share this post


Link to post
Share on other sites

Thats the first thing I learned, sql injection, to get a md5 from g0d user on nuke forums/sites.... very basic injection, but used to be very succesfull along with all the md5 tables out there to crack.... i've played alot with perl scripts and stuff over some time.... and have like the tiny'st of tiny understanding, but have had some successful attempts with some of them.... and when I mean some, I mean 1 per every like 1,000 aahah.... thats how clueless i am in alot of areas.... Someone tried teaching me how to use a c99 one time.... ya... that one went out the window..... but MD5 i was pretty good with only with nuke and vWar....

Youtube honestly teach you many neat tricks, but watch for the bull skitters.

...WTF are you even talking about?

0

Share this post


Link to post
Share on other sites

uhh... thats not for much help?

i see that one maybe is talking bullS**T ?

well nevermind, prolly i should get some skills before trying playing around with such stuff?

heh :)

0

Share this post


Link to post
Share on other sites

uhh... thats not for much help?

i see that one maybe is talking bullS**T ?

well nevermind, prolly i should get some skills before trying playing around with such stuff?

heh :)

Maybe a good idea to look up on some basic stuff about how things work. :)

0

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0