SQL Descomplica - Бразильйский EdTech сервис

[N9XDZ]

Descomplica - это платформа EdTech с полным спектром услуг, которая переводит бразильскую систему образования в онлайн-режим.
Сайт: https://descomplica.com.br/

Спойлер: В архиве 7 файлов, описание к ним:

Файл: Account - Users
Поля: CreateDate,Email,EmailVerified,FailedLoginAttempts,IsLockedOut,LastLockedOutDate,LastLoginDate,LastPasswordChangedDate,LastPasswordFailureDate,Password,PasswordFailuresSinceLastSuccess,ResetPasswordToken,ResetPasswordTokenExpirationDate,IsDeleted,OriginUrl
Строк: 4,850,589

Файл: Marketing - Leads
Поля: Email,CampaignName,CallingUrl,StudentName,StudentPhone,IsDeleted
Строк: 47,963

Файл: Payment -.CreditCards
Поля: Alias,CardNumberMasked,CustomerId,IsDeleted,GatewayConfigurationId,Token,ExpMonth,ExpYear
Строк: 1,424,693

Файл: Payment - AppleStoreSettlements
Поля: UserId,UserEmail,Status,TransactionDate,IsDeleted,LatestReceipt,Receipt,LatestReceiptInfo,OriginalTransactionId

Файл: Payment - GooglePlaySettlements
Поля: AccountId,UserEmail,AutoRenewing,OrderId,PackageName,ProductId,PurchaseTime,PurchaseState,DeveloperPayload,PurchaseToken,CancelReason

Файл: public - users
Поля: dex_id,descomplica_id,first_name,last_name,display_name,avatar_url,cover_image_url,about,social_media_id,created_at,updated_at

Файл: public - social_media
Поля: email,linkedin,twitter,facebook,instagram,whatsapp,created_at,updated_at

Descomplica

MediaFire is a simple to use free service that lets you put all your photos, documents, music, and video in a single place so you can access them anywhere and share them everywhere.

www.mediafire.com

пароль местный

 

[Blackside]

Интересный тип хеша, никто не подскажет? Это сапопал?

 

[nci7t7834]

Интересный тип хеша, никто не подскажет? Это сапопал?

About the hashes:

A user on raid made some analysis on them and found out that:

So, bad news, most of the hashes stored as Base64 aren't even salted password hashes, but something related to an authorization token. Most of the users that created the account on that site, used their facebook account. When someone does that, you only pass the email and phone number, but you don't have a password.
My theory is that Before 2014, they stored the passwords as unsalted SHA384, and probably had something stored to deal with users that logged through facebook/gmail. During november, they updated a bunch of stuff, INCLUDING the "hashes" of accounts without passwords. The ones left as unsalted hashes are obviously the ones they couldn't change, because the passwords are hashed. So, there's a mix of salted hashed passwords, and hashes of tokens, and there's no way to crack without knowing the salt. (However, the ones that aren't in base64 are unsalted hashes)