[ZYZZKILL]

Anyone knows why? I remember long time ago every base had passwords, now, there 1/20 leaked database that has a password, any expert can provide information for the reason?

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Contact Administration.

[jb75]

Because today many "databases" are scraps from user management panels accessed using an admin account found in StealerLogs, and these panels do not expose user passwords.

Whereas before, databases were intrusions into the target's IT system and a complete dump of the SQL database.

[ZYZZKILL]

Because today many "databases" are scraps from user management panels accessed using an admin account found in StealerLogs, and these panels do not expose user passwords.

Whereas before, databases were intrusions into the target's IT system and a complete dump of the SQL database.

I understand better now, thank you

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Contact Administration.

[sbhuangbin]

how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points

---

how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points
how to earn points

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Contact Administration.

[inscw93]

yeah, the difference is:
- Back then: Most of hacks came from SQLI. It gave you full system accees -> full DB dump -> passwords included

- Now: Most of data leaks comes from 2 ways:
1. Admin account compromise
2.  API Hack
In both case, you mostly get user data from these sources.

Also IT teams learned from the past, software architecture is better and passwords are more & more separately stored.

[leftrighthook]

even if they did have passwords they'd be encrypted which by modern standards is unuseable compared to bruted hashes 15 years ago

---

even if they did have passwords they'd be encrypted which by modern standards is unuseable compared to bruted hashes 15 years ago

I'd even argue whoever has a breach with passwords either had the decryption key or they were stored in cleartext to begin with which is like not normal lmao

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Contact Administration.

[jb75]

even if they did have passwords they'd be encrypted which by modern standards is unuseable compared to bruted hashes 15 years ago

Well, I'm currently cracking the MD5 hashes from the Raaga leak published a few days ago, so even today, we still come across some pretty lame sites on this subject

[asap9722]

because it is just more rare that is it nothing more

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | https://breachforums.rs/Forum-Ban-Appeals if you feel this is incorrect.

[leftrighthook]

even if they did have passwords they'd be encrypted which by modern standards is unuseable compared to bruted hashes 15 years ago

Well, I'm currently cracking the MD5 hashes from the Raaga leak published a few days ago, so even today, we still come across some pretty lame sites on this subject

I mean passwords are relatively easy to crack in MD5 because passwords are low entropy and people use shit like "qwerty1234" or "mycockandballs" so it sure does reduce the amount of compute needed to brute + most md5 has already been cracked. Still can't believe people use that in the big 2026 though 

This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Contact Administration.

[inscw93]

lmao 
I can't believe people who still use MD5 are even devs. I guess they're just regular folks trying to throw together a website without specific knowledge.