Reversible Rovnix passwords I got my hands on Rovnix recently. Not the one who got leaked with Carberp but the ISFB package part (Core, Interceptor, ATS, VNC modules, etc...): And the panel.. Who ask for mod_rewrite for an unknown reason (ok the htaccess, but is it really usefull here?) Ive already took some screenshots of inside Rovnix, so lets skip about the screenshots part. Just check this article if you want see pics from the Rovnix C&C: http://www.xylibox.com/2012/02/win32rovnix.html?spref=tw The panel come with a sql dump, and a user/password is already defined inside. The password looks like a MD5 hash and we know nothing about it. SQL tables: By looking the hash on Google we have a correspondence with 21240: A tool confirm also that the hash is good for 21240 But.. there is a problem somewhere: So we have to check the code to see whats going on. admin/index.php use a function getMyHash() This small function can be found inside mod/main.php: We have a salt and they use md5(...