Re: Need help cracking wwwboard passwd.txt

[BlueBoar () THIEVCO COM (Blue Boar)]

Devin Walters wrote:
> What kind of cracker do I use to crack a wwwboard passwd.txt file?  And
> where can I find it? Also when correcting a large company on security holes
> in their web boards how much should i ask for as payment?

This got through not because of the question on how to crack it, which is
off-topic.  If you want to crack it: send a sample, show us a password hash
with a known plaintext password, make some initial attempt, etc..

Rather, I wanted to comment on the last sentence.

This very well may have been intended as sarcasm, but in case it wasn't...
I have to say, this is nearly blackmail.  I don't think most folks who
point out a problem expect any payment.  You'll also find that many places
don't properly appreciate being notified, or having you check.  Given that,
good luck getting any money out of them.  The exception would be if you
were invited to do a penetration test, and in that case I would expect
payment to have been negotiated up front.

Of course, you're welcome to try whatever you want.  Even if I know your
intentions are to go after money, I'm still happy to let your posts through
on the subject if they contain a little more substance.

                                                        BB