Answer the question
In order to leave comments, you need to log in
T
T
Tremo2018-04-27 06:59:05
Tremo, 2018-04-27 06:59:05
How to determine the hash method if there is a source text and its hashed form?
Good day.
It is necessary to determine which password hashing/encryption method is used.
There is a source text as well as its hashed form.
What do you advise?
Hashed form: Pc54EjPvTwvXG8IDAfdM0azKcy+otWnScAGrV4zY9Vo=:A:zg8HaDmFVi+K/5ryDlhAldNUBAKaN685K6dHGZhPdkI=
1 answer(s)
@usdglander
This is NOT a hashed form. This is the base64 from the hashed form. :)
Here I could offer two options:
1. Try to hash the source string with different known algorithms. The one for which the hash matches the reference one and will be the desired one. Of course, it is possible to filter out algorithms that generate a hash of a different length in advance.
2. If it is possible to obtain hashes for for different strings, then one could try to accumulate a sufficient number of <text> <=> <hash> pairs, build a truth table (in bits) on them, build NDF on this table, minimize it and get a formula that gives the same result on a given sample. There is a non-zero probability that it will work for other pairs as well.
(3). Unaccounted for. Reverse engineering of the software that generates this hash.
L
Lander, 2018-04-27 @usdglander
Hashed form: Pc54EjPvTwvXG8IDAfdM0azKcy+otWnScAGrV4zY9Vo=:A:zg8HaDmFVi+K/5ryDlhAldNUBAKaN685K6dHGZhPdkI=
This is NOT a hashed form. This is the base64 from the hashed form. :)
Here I could offer two options:
1. Try to hash the source string with different known algorithms. The one for which the hash matches the reference one and will be the desired one. Of course, it is possible to filter out algorithms that generate a hash of a different length in advance.
2. If it is possible to obtain hashes for for different strings, then one could try to accumulate a sufficient number of <text> <=> <hash> pairs, build a truth table (in bits) on them, build NDF on this table, minimize it and get a formula that gives the same result on a given sample. There is a non-zero probability that it will work for other pairs as well.
(3). Unaccounted for. Reverse engineering of the software that generates this hash.
Similar questions
J
I
W
T
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question