issue with writing down cracked phpBB password

sqlmapproject / sqlmap

Automatic SQL injection and database takeover tool

http://sqlmap.org

Other

32.44k stars 5.71k forks source link

issue with writing down cracked phpBB password #4252

Closed caperoni closed 4 years ago

caperoni commented 4 years ago

I have issue with phpBB hash password sqlmap writing down. When I passed success dictionary bruteforce attack with sqlmap the result can't be stored in session like for MD5 hashes.

For example:

For MD5 sqlmap do so 827ccb0eea8a706c4c34a16891f84e7b (12345)

For phpBB sqlmap do $H$9jhFmtImvHVtSb0Km7GcqviN2ObX7V/

But need to be $H$9jhFmtImvHVtSb0Km7GcqviN2ObX7V/ (12345)

stamparm commented 4 years ago

Not sure what is going on here. You claim that sqlmap bruteforced/cracked phpBB hash? sqlmap currently does not support phpBB hash cracking. Can you please send a screenshot of your claim?

stamparm commented 4 years ago

...nevertheless, with the latest commit/revision I've added support for generic phpass (including PHPBB3) hash cracking