Welcome to TangoWorldWide!
You are a Guest, which means you cannot use
all possible features on this forum.
Sign in or Register, to enjoy full functionality. It'll only take 2 seconds!
315 Players in 29 Servers

Author Topic: PSA: ESEA Leaked  (Read 677 times)

0 Members and 1 Guest are viewing this topic.

Offline Oscar

  • Supporter
  • Forum Addict
  • *
  • Topic Author
  • Posts: 2421
    • View Profile
  • Liked: 26
  • Likes Given: 2
  • User Avatar

    Doing shows now from Serbia

    Offline


  • Total Badges: 27
    Badges: (View All)
    3 Year Coin Summer 2017 Overruled - Rez's Badge 100 Poll Votes Christmas 2016 Halloween 2016 Badge Collector (20) 2 Year Coin Summer 2016 Black-Star Invisible Badge Collector (15) aPn's Award 12 Days of Christmas Spammer-50 Christmas 2015 Badge Collector (10) Thanksgiving 2015 Halloween 2015 1 Year Coin 1000 Posts Badge Collector (5) Spammer-25 Quick Poster Mobile User 500 Posts 100 Posts
PSA: ESEA Leaked
« on: January 09, 2017, 03:00:43 pm »
If you've ever registered to this site and use the same password, change all your passwords please, for Christ Sake. Apparently due to a Ransom Attempt[1] Use LastPass :teehee:

[1]: http://gadgets.ndtv.com/games/news/esea-hack-over-1-5-million-player-profiles-reportedly-leaked-in-ransom-attempt-1646864
« Last Edit: January 17, 2017, 10:56:09 am by dr.friday »

Offline aqua

  • Registered Users
  • Forum Junkie
  • *
  • Posts: 555
    • View Profile
  • Liked: 10
  • Likes Given: 11

  • Total Badges: 17
    Badges: (View All)
    Summer 2017 Badge Collector (15) 500 Posts 2 Year Coin 12 Days of Christmas 2016 Christmas 2016 Badge Collector (10) Halloween 2016 Summer 2016 1 Year Coin Christmas 2015 Badge Collector (5) Thanksgiving 2015 100 Posts Halloween 2015 Quick Poster Mobile User
Re: PSA: ESEA Leaked
« Reply #1 on: January 09, 2017, 03:15:24 pm »
 :-X ESEA can't catch a break. Bitcoin mining, using an autistic kid to represent FaceIt in one of their ads,  and now this. Good thing I don't use the same pword for everything.
lol
yall nono word! just think its trash till it rools up on ya and beats a farriri in a rance with cornors cuz this bitch be driftin ez around turns while farrira be like 5mph around turns cuz its shit lol u kids dont know anything about cars gtfo and get swole

tha fuck? that shit is looking straight outta ghetto mario kart. a rari would smack the shit out of that car anyday so idk wtf you on, can't even roll up on anything with those ugly ass mustard covered wheels. go back to playin with your hot wheels and downing some protein you fruity molerat lookin ass mf

Offline balon

  • Chief Executive Officer
  • 5k Poster
  • *
  • *
  • *
  • Posts: 5910
  • I'm back...
    • http://steamcommunity.com/id/balon21
    • http://www.twitch.tv/balonfx
    • https://twitter.com/TangoWorldWide
    • View Profile
  • Liked: 291
  • Likes Given: 50
  • User Avatar

    T.w² | ???? Mod balon

    Online


  • Total Badges: 36
    Badges: (View All)
    Summer 2017 Gstad's Squad Blackhat fly shit only Linux Wizowd 3 Year Coin Christmas 2016 5000 Posts Thanksgiving 2016 Mobz Award Halloween 2016 The Rich Bitch Summer 2016 Drunk Award 12 Days of Christmas Badge Collector (20) 2 Year Coin aPn's Award Christmas 2015 Spammer-25 Badge Collector (15) Thanksgiving 2015 Halloween 2015 Quick Collector (10) Badge Collector (10) Invisible Quick Poster Mobile User Quick Collector (5) 100 Poll Votes Badge Collector (5) 2500 Posts 1000 Posts 500 Posts 100 Posts 1 Year Coin
Re: PSA: ESEA Leaked
« Reply #2 on: January 09, 2017, 03:42:17 pm »
Well announced.
ℎ𝑖 𝑚𝑦 𝑛𝑎𝑚𝑒 𝑖𝑠 𝑏𝑎𝑙𝑜𝑛 𝑎𝑛𝑑 𝑖'𝑚 𝑎 𝑛𝑒𝑟𝑑

Offline papi

  • Veteran Member
  • Forum Starter
  • *
  • Posts: 77
    • http://steamcommunity.com/id/papei/
    • View Profile
  • Liked: 0
  • Likes Given: 0
  • User Avatar

    T.w2 | papi

    Offline


  • Total Badges: 3
    Badges: (View All)
    Summer 2017 Mobile User Quick Poster
Re: PSA: ESEA Leaked
« Reply #3 on: January 17, 2017, 10:50:17 am »
I don't do ESEA due to their intrusive software, but I would be completely fine with not changing my password simply due to the fact they use bcrypt to hash their passwords. Good luck cracking that!

Online Mistaken

  • Divisional Staff
  • Forum Addict
  • *
  • *
  • *
  • *
  • *
  • Posts: 1742
    • http://steamcommunity.com/id/mistaken_tv
    • View Profile
  • Liked: 60
  • Likes Given: 94
  • User Avatar

    T.w² | Mistaken .cL m

    Online


  • Total Badges: 16
    Badges: (View All)
    Badge Collector (15) Summer 2017 100 Poll Votes 1000 Posts 500 Posts Badge Collector (10) Spammer-25 I Triggered LemonFridge Quick Poster 100 Posts Badge Collector (5) 1 Year Coin Christmas 2016 Halloween 2016 Summer 2016 Mobile User
Re: PSA: ESEA Leaked
« Reply #4 on: January 17, 2017, 12:07:59 pm »
Rip esea lmao people still gonna play there cuz better then mm
Adam is the best :)

Offline Oscar

  • Supporter
  • Forum Addict
  • *
  • Topic Author
  • Posts: 2421
    • View Profile
  • Liked: 26
  • Likes Given: 2
  • User Avatar

    Doing shows now from Serbia

    Offline


  • Total Badges: 27
    Badges: (View All)
    3 Year Coin Summer 2017 Overruled - Rez's Badge 100 Poll Votes Christmas 2016 Halloween 2016 Badge Collector (20) 2 Year Coin Summer 2016 Black-Star Invisible Badge Collector (15) aPn's Award 12 Days of Christmas Spammer-50 Christmas 2015 Badge Collector (10) Thanksgiving 2015 Halloween 2015 1 Year Coin 1000 Posts Badge Collector (5) Spammer-25 Quick Poster Mobile User 500 Posts 100 Posts
Re: PSA: ESEA Leaked
« Reply #5 on: January 17, 2017, 12:19:04 pm »
I don't do ESEA due to their intrusive software, but I would be completely fine with not changing my password simply due to the fact they use bcrypt to hash their passwords. Good luck cracking that!
I wouldn't be so sure, they only have 6 iterations of the key derivation function.

Shown here:

$2y$06

Which is terrible. Bruce forces are easier compared to a 12 iteration, which is the "minimum" people suggest.

Offline papi

  • Veteran Member
  • Forum Starter
  • *
  • Posts: 77
    • http://steamcommunity.com/id/papei/
    • View Profile
  • Liked: 0
  • Likes Given: 0
  • User Avatar

    T.w2 | papi

    Offline


  • Total Badges: 3
    Badges: (View All)
    Summer 2017 Mobile User Quick Poster
Re: PSA: ESEA Leaked
« Reply #6 on: January 17, 2017, 12:59:28 pm »
I did some math using this stackoverflow: http://security.stackexchange.com/a/83382/128399, and I estimate that when bcrypt has 6 rounds (64 iterations) it takes around ~9.5 milliseconds per password. This means about ~105 passwords being checked per second. I don't know about you, but unless you have a simple/not unique password you should be fine. Bruteforcing 105 checks per second would take forever.

Offline Oscar

  • Supporter
  • Forum Addict
  • *
  • Topic Author
  • Posts: 2421
    • View Profile
  • Liked: 26
  • Likes Given: 2
  • User Avatar

    Doing shows now from Serbia

    Offline


  • Total Badges: 27
    Badges: (View All)
    3 Year Coin Summer 2017 Overruled - Rez's Badge 100 Poll Votes Christmas 2016 Halloween 2016 Badge Collector (20) 2 Year Coin Summer 2016 Black-Star Invisible Badge Collector (15) aPn's Award 12 Days of Christmas Spammer-50 Christmas 2015 Badge Collector (10) Thanksgiving 2015 Halloween 2015 1 Year Coin 1000 Posts Badge Collector (5) Spammer-25 Quick Poster Mobile User 500 Posts 100 Posts
Re: PSA: ESEA Leaked
« Reply #7 on: January 17, 2017, 01:07:21 pm »
I did some math using this stackoverflow: http://security.stackexchange.com/a/83382/128399, and I estimate that when bcrypt has 6 rounds (64 iterations) it takes around ~9.5 milliseconds per password. This means about ~105 passwords being checked per second. I don't know about you, but unless you have a simple/not unique password you should be fine. Bruteforcing 105 checks per second would take forever.
Intel Core i7-2700K CPU @ 3.50 GHz

Offline papi

  • Veteran Member
  • Forum Starter
  • *
  • Posts: 77
    • http://steamcommunity.com/id/papei/
    • View Profile
  • Liked: 0
  • Likes Given: 0
  • User Avatar

    T.w2 | papi

    Offline


  • Total Badges: 3
    Badges: (View All)
    Summer 2017 Mobile User Quick Poster
Re: PSA: ESEA Leaked
« Reply #8 on: January 17, 2017, 01:10:16 pm »
The speed could vary but would never be as fast as for example MD5 (assuming one computer). Really dictionary attacks would be the only thing I would worry about. Bruteforcing against bcrypt with a reasonable password length is extremely ineffective. Personally, I wouldn't be concerned because I use long passwords with a lot of randomization involved but I can see your average joe having a 6 character password being cracked.

Offline Oscar

  • Supporter
  • Forum Addict
  • *
  • Topic Author
  • Posts: 2421
    • View Profile
  • Liked: 26
  • Likes Given: 2
  • User Avatar

    Doing shows now from Serbia

    Offline


  • Total Badges: 27
    Badges: (View All)
    3 Year Coin Summer 2017 Overruled - Rez's Badge 100 Poll Votes Christmas 2016 Halloween 2016 Badge Collector (20) 2 Year Coin Summer 2016 Black-Star Invisible Badge Collector (15) aPn's Award 12 Days of Christmas Spammer-50 Christmas 2015 Badge Collector (10) Thanksgiving 2015 Halloween 2015 1 Year Coin 1000 Posts Badge Collector (5) Spammer-25 Quick Poster Mobile User 500 Posts 100 Posts
Re: PSA: ESEA Leaked
« Reply #9 on: January 17, 2017, 01:11:05 pm »
The speed could vary but would never be as fast as for example MD5 (assuming one computer). Really dictionary attacks would be the only thing I would worry about. Bruteforcing against bcrypt with a reasonable password length is extremely ineffective. Personally, I wouldn't be concerned because I use long passwords with a lot of randomization involved but I can see your average joe having a 6 character password being cracked.
gimme ur real email and ill be sure to hand you your password :)

Offline papi

  • Veteran Member
  • Forum Starter
  • *
  • Posts: 77
    • http://steamcommunity.com/id/papei/
    • View Profile
  • Liked: 0
  • Likes Given: 0
  • User Avatar

    T.w2 | papi

    Offline


  • Total Badges: 3
    Badges: (View All)
    Summer 2017 Mobile User Quick Poster
Re: PSA: ESEA Leaked
« Reply #10 on: January 17, 2017, 01:18:06 pm »
The speed could vary but would never be as fast as for example MD5 (assuming one computer). Really dictionary attacks would be the only thing I would worry about. Bruteforcing against bcrypt with a reasonable password length is extremely ineffective. Personally, I wouldn't be concerned because I use long passwords with a lot of randomization involved but I can see your average joe having a 6 character password being cracked.
gimme ur real email and ill be sure to hand you your password :)

Code: PHP
  1. $2a$06$1ZI3ykhAg9H818LE4Sd2berNYV0kizOS5UTD0GkpuVldXcUQ0qaZ2

This isn't a hash of my real password (lol), but I used a similar password generating technique. Generated using bcrypt and 6 rounds.

Offline Oscar

  • Supporter
  • Forum Addict
  • *
  • Topic Author
  • Posts: 2421
    • View Profile
  • Liked: 26
  • Likes Given: 2
  • User Avatar

    Doing shows now from Serbia

    Offline


  • Total Badges: 27
    Badges: (View All)
    3 Year Coin Summer 2017 Overruled - Rez's Badge 100 Poll Votes Christmas 2016 Halloween 2016 Badge Collector (20) 2 Year Coin Summer 2016 Black-Star Invisible Badge Collector (15) aPn's Award 12 Days of Christmas Spammer-50 Christmas 2015 Badge Collector (10) Thanksgiving 2015 Halloween 2015 1 Year Coin 1000 Posts Badge Collector (5) Spammer-25 Quick Poster Mobile User 500 Posts 100 Posts
Re: PSA: ESEA Leaked
« Reply #11 on: January 17, 2017, 02:32:49 pm »
The speed could vary but would never be as fast as for example MD5 (assuming one computer). Really dictionary attacks would be the only thing I would worry about. Bruteforcing against bcrypt with a reasonable password length is extremely ineffective. Personally, I wouldn't be concerned because I use long passwords with a lot of randomization involved but I can see your average joe having a 6 character password being cracked.
gimme ur real email and ill be sure to hand you your password :)

Code: PHP
  1. $2a$06$1ZI3ykhAg9H818LE4Sd2berNYV0kizOS5UTD0GkpuVldXcUQ0qaZ2

This isn't a hash of my real password (lol), but I used a similar password generating technique. Generated using bcrypt and 6 rounds.
well if you shit out a 60 char pw then no, but if ur using the same amount of numbers / chars / length as original then i guess

Offline balon

  • Chief Executive Officer
  • 5k Poster
  • *
  • *
  • *
  • Posts: 5910
  • I'm back...
    • http://steamcommunity.com/id/balon21
    • http://www.twitch.tv/balonfx
    • https://twitter.com/TangoWorldWide
    • View Profile
  • Liked: 291
  • Likes Given: 50
  • User Avatar

    T.w² | ???? Mod balon

    Online


  • Total Badges: 36
    Badges: (View All)
    Summer 2017 Gstad's Squad Blackhat fly shit only Linux Wizowd 3 Year Coin Christmas 2016 5000 Posts Thanksgiving 2016 Mobz Award Halloween 2016 The Rich Bitch Summer 2016 Drunk Award 12 Days of Christmas Badge Collector (20) 2 Year Coin aPn's Award Christmas 2015 Spammer-25 Badge Collector (15) Thanksgiving 2015 Halloween 2015 Quick Collector (10) Badge Collector (10) Invisible Quick Poster Mobile User Quick Collector (5) 100 Poll Votes Badge Collector (5) 2500 Posts 1000 Posts 500 Posts 100 Posts 1 Year Coin
Re: PSA: ESEA Leaked
« Reply #12 on: January 17, 2017, 03:07:06 pm »
Take it to private you two, or the programming board. LOL, Thanks for the PSA again. Topic locked from further discussion.
ℎ𝑖 𝑚𝑦 𝑛𝑎𝑚𝑒 𝑖𝑠 𝑏𝑎𝑙𝑜𝑛 𝑎𝑛𝑑 𝑖'𝑚 𝑎 𝑛𝑒𝑟𝑑

 

G2A Sponsor Image
EOReality.com
Sinus Bot
TangoServersLLC Logo
AllTrapNation.com
CSGO Fiesta
Vreecase Sponsor
G2A Sponsor Image
EOReality.com
Sinus Bot
TangoServersLLC Logo
AllTrapNation.com
CSGO Fiesta
Vreecase Sponsor