weird hash format

[cocacolaz]

I found some weird password hashes i dumped from a database that have this format

DJG8KNnBRvgKXgXXadVi / w ==
DXMqs6j6UwI =

they look like base64 but its not base64 apparently. any idea what they are and how to crack them?

 

[ppdonchiq]

but its not base64 apparently

seems to be binary encoded in base64

DJG8KNnBRvgKXgXXadVi / w ==

this could be 128bit hash output, base64-encoded

DXMqs6j6UwI =

this could be 8-byte salt, base64 encoded too


OP, could you provide more details? Like framework used for the application working with this database?

 

[cocacolaz]

seems to be binary encoded in base64

this could be 128bit hash output, base64-encoded

this could be 8-byte salt, base64 encoded too


OP, could you provide more details? Like framework used for the application working with this database?

hi

the site is running on a windows server 2008 and according to wappalizer its using php 5.3.9 with IIS webserver. the backend database is MySQL 5.1.73-community

both hashes above were dumped from the password columns in the database. each one of them is from a different username

i tried crackstation.net but cant be identified
i tried to check if those were base32 encoded but it did not work either
hashid nor hash-identifer tools were able to identify the hash type either

 

[ppdonchiq]

both hashes above were dumped from the password columns in the database. each one of them is from a different username

It's very interesting that these "hashes" have different lengths that are multiples of 64 bits. It's possible that these passwords are not hashed, but encrypted with 64-bit wide cipher, such as [3]DES.

Can you register new accounts in this application? It would be useful to see how simple passwords (like 'a','aa','aaa', up to, say, 16 'a' symbols) are transformed.