Jump to content
Oklah

Informatii parola criptata

Recommended Posts

Salut, am urmatoarul output de la o parola dintr-o baza de date mai veche, ce reprezinta fiecare in parte?

sha256:1000:afMG4GHoH0gR1YsZz3Odq6W3n1M7wTUG:gjbZhnxB9K0im16imrc+yDM23q+8n1Wm

sha256 - modul de criptare

1000 - ?

afMG4GHoH0gR1YsZz3Odq6W3n1M7wTUG - ? (presupun ca salt-ul)

gjbZhnxB9K0im16imrc+yDM23q+8n1Wm - ? (rezultatul final)

Edited by Oklah
Link to comment
Share on other sites

Daca dai search pe net gasesti link catre Attendance Login System, ceva "Simple application for employee attendance" bazat pe CodeIgniter - locul din care provine hash-ul tau, cel mai probabil. Scrie in README ca parola este "admin".

 

Mergand mai departe, In libraria de management de parole gasesti modalitatea de generare, verificare, etc. a parolelor. In special, gasesti si segmentele:

	const HASH_SECTIONS = 4;
	const HASH_ALGORITHM_INDEX = 0;
	const HASH_ITERATION_INDEX = 1;
	const HASH_SALT_INDEX = 2;
	const HASH_PBKDF2_INDEX = 3;

sha256 - algoritmul

1000 - numarul de iteratii

afMG... - salt

gjbZ... - functia de derivare, info mai jos in cod

/*
	 * PBKDF2 key derivation function as defined by RSA's PKCS #5: https://www.ietf.org/rfc/rfc2898.txt
	 * $algorithm - The hash algorithm to use. Recommended: SHA256
	 * $password - The password.
	 * $salt - A salt that is unique to the password.
	 * $count - Iteration count. Higher is better, but slower. Recommended: At least 1000.
	 * $key_length - The length of the derived key in bytes.
	 * $raw_output - If true, the key is returned in raw binary format. Hex encoded otherwise.
	 * Returns: A $key_length-byte key derived from the password and salt.
	 *
	 * Test vectors can be found here: https://www.ietf.org/rfc/rfc6070.txt
	 *
	 * This implementation of PBKDF2 was originally created by https://defuse.ca
	 * With improvements by http://www.variations-of-shadow.com
	 */

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...