NEW: We have a Discord server now. Click here to go there now!

NOTE: Why not use our List Manager to crack your lists? Its easy and enables better management.

NOTE: When cracking WPA/WPA2 passwords, make sure you check gpuhash.me first incase it's already been processed.

Home - General Discussion - Email hash cracking


4 Results - Page 1 of 1 -
1
Author Message
Avatar
kevtheskin

Status: Member
Joined: Wed, 21 Feb 2018
Posts: 327
Team:
Reputation: 199 Reputation
Offline
Sat, 02 Mar 2019 @ 21:46:14

Hello all,

Please forgive my noobie ignorance. What is the purpose of cracking email hashes. I have manged to crack a few but dont understand what the cracked emails are used for . Where are the passwords for these emails. I know sites like pwned have massive cracked list and password check. Anyway thanks for any answers giving.

Cheers Kev


Avatar
dipeperon

Status: Member
Joined: Tue, 03 Apr 2018
Posts: 411
Team:
Reputation: 425 Reputation
Online
Sat, 02 Mar 2019 @ 22:01:31

To understand why people would want to crack these it's better to first understand why these where hashed in the first place.

Assuming a website only will send you an e-mail when you request a password reset, why would they not hash the emails?

They don't need store the plaintext e-mail if they only will use it as verification as you will provide the plaintext in case of authentication (including password reset) which is hashed and compared with the database.

So long story short: they're used for authentication just like passwords, and they where hashed for security incase of database leak


My haschat stuff (rules, scripts): https://github.com/theherp/Hashcat-stuff

Avatar
kevtheskin

Status: Member
Joined: Wed, 21 Feb 2018
Posts: 327
Team:
Reputation: 199 Reputation
Offline
Sat, 02 Mar 2019 @ 22:28:50

dipeperon said:

To understand why people would want to crack these it's better to first understand why these where hashed in the first place.

Assuming a website only will send you an e-mail when you request a password reset, why would they not hash the emails?

They don't need store the plaintext e-mail if they only will use it as verification as you will provide the plaintext in case of authentication (including password reset) which is hashed and compared with the database.

So long story short: they're used for authentication just like passwords, and they where hashed for security incase of database leak


Cheers Peeps, K


Avatar
Ramosalbert945

Status: n/a
Joined: Sun, 05 May 2019
Posts: 3
Team:
Reputation: 0 Reputation
Offline
Sun, 05 May 2019 @ 05:53:10

Hello! I New here! Mi searching databases to download like Taringa... 8fit myfitnesspal.... But I dont understand how to get the Mail of a particular hash... Can someone help me?



4 Results - Page 1 of 1 -
1

We have a total of 197475 messages in 24431 topics.
We have a total of 21699 registered users.
Our newest registered member is Iamhere4you.