2017-07-25
If you post about "334 VXNlcm5hbWU6" be aware what you are sharing 12 months ago
I saw someone post somewhere about problems with sending mail, with the complete session log. E-mail addresses were obfuscated, but there was a part of the session not obfuscated, which had far more interesting secrets than just e-mail addresses. It looked a bit like this:250-HELP 250-AUTH LOGIN PLAIN 250-SIZE 157286400 250-8BITMIME 250 OK AUTH LOGIN 334 VXNlcm5hbWU6 dXNlcm5hbWU= 334 UGFzc3dvcmQ6 cGFzc3dvcmQ= 235 ... authentication succeeded RSET 250 OKThose "random" letters and digits look a lot like base64, so to decode them:$ echo "VXNlcm5hbWU6" | base64 -d ; echo Username: $ echo "dXNlcm5hbWU=" | base64 -d ; echo username $ echo "UGFzc3dvcmQ6" | base64 -d ; echo Password: $ echo "cGFzc3dvcmQ=" | base64 -d ; echo passwordSo the random letters and digits are actually username and password, very interesting information. Searching for VXNlcm5hbWU6 gives me examples of usernames and passwords.