Hi, does anyone know the password to the site dump files for oonews.eu? It's broken up into many 7z files but they are all password protected. You can see the files on btdig(g) by searching for 'oonews_backup'. Thanks!
Hi, does anyone know the password to the site dump files for oonews.eu? It's broken up into many 7z files but they are all password protected. You can see the files on btdig(g) by searching for 'oonews_backup'. Thanks!
As far as I know, the team of scenenzbs received the password for the dump from the oonews.eu admin and it was integrated into the scenenzbs database. I think the password isn't publicly known.
I wish SceneNZBs had some sort of legacy plan... I miss their API.
Thank you both for the news about oonews.eu
If anyone discovers the password, please share!
Yeah, I was hoping since it's been a year the password would eventually come out. I've been trying on and off to brute force it but nothing yet. It does act strangely though. If you just extract some of the files with the wrong password it does create a few of the nzb files...but they are still encrypted. Also some of the passwords I'm using to brute force will work and extract a couple of files but, again, they are still encrypted. Very weird. I know at this point I can just get most things somewhere else but this is a fun exercise.
In all likelihood your archiver is "extracting" garbage that happens to match the original CRC-32 (which is why we shouldn't be using CRC anymore for these purposes).
Cracking 7-Zip is very possible with a good GPU (see https://gist.github.com/epixoip/9908...c83512a50421a7; a stricter workload profile will give higher speeds), but that's if the password is in a dictionary, can be derived from one with rules, or follows a known pattern. Cryptobackups like this one usually have a long random password mixing letters, numbers and symbols.
"I just remembered something that happened a long time ago."
Thanks for the explanation about hash collisions.
From the nzb files I still have from their site, it seems they used at least three different patterns for passwords. Assuming they used one of these same formats for the backup dump files...
All I need to do is crack a 32 or 40 char alpha numeric. Also it seems the only upper case letters they used were A and Z, otherwise all lower case. Piece of cake!
Last edited by tedshackleford; 09.01.25 at 22:45.
Bookmarks