Re: hash of an DB??

["Arta" <arta () project404 org>]

The password looks like it's base64 encoded, but decoded it equals:

i°<ÏAÛgc¤ :Å^Äi°<ÏAÛgc¤ :Å^Äi°<ÏAÝ

This looks fairly meaningless to me, so maybe the '==' on the end is meant
to trick people, or maybe it's encoded with something else before it's run
through b64. The latter would be my guess. Then again thereare repeating
patterns in there... it might be XOR encypted or something, try that.

HTH

Harry M

----- Original Message -----
From: "David Poston" <postond () yahoo com>
To: <vuln-dev () securityfocus com>
Sent: Friday, February 01, 2002 4:47 PM
Subject: hash of an DB??


> Hello all,
>
>       I have been doing some Anti Virus evaluation this
> week and found something a little interesting on my
> server.  I found the following:
>
> UserName=sa
> Password=f2mwBTzPQdtnY6QNOsVexH9psAU8z0H
> bZ2OkDTrFXsR/abAFPM9B3Q==
> UseNTAccount=0 HTTPPort=80 AgentHttpPort=8081
> ConsoleHTTPPort=81 MaxHttpConnection=1000
> EventLogFileSizeLimit=2097152 MaxSoftInstall=25
> Version=2.5.0.168
>
> Can this passwd be broken????