I have a forum running VB 3.6.5 and I want to understand how the exploit, released from [url removed, login to view] works. I was able to run the exploit on my board and receive the hash for my user. I also know that vbulletin stores its hashes with a salt. I want to know how to also retrieve the salt. After retrieving the hash and salt, I want to know what tools can be used to successfully crack the password.
For a normal MD5 hash, I would just use john the ripper, but I'm not sure how to go about cracking vbulletin hashes.
You will not have access to my site during this time. I am trying to gauge the difficulty and security issues related to leaving the installation at 3.6.5
You will be required to modify the perl script from [url removed, login to view] (the vb 3.6.5 exploit) to also retrieve the salt. You will then be required to take the hash, salt, and username and deconstruct it to get the password (or tell me how)
If you have any questions, please let me know.