Oklah Posted August 4, 2019 Report Posted August 4, 2019 (edited) Salut, am urmatoarul output de la o parola dintr-o baza de date mai veche, ce reprezinta fiecare in parte? sha256:1000:afMG4GHoH0gR1YsZz3Odq6W3n1M7wTUG:gjbZhnxB9K0im16imrc+yDM23q+8n1Wm sha256 - modul de criptare 1000 - ? afMG4GHoH0gR1YsZz3Odq6W3n1M7wTUG - ? (presupun ca salt-ul) gjbZhnxB9K0im16imrc+yDM23q+8n1Wm - ? (rezultatul final) Edited August 4, 2019 by Oklah Quote
pr00f Posted August 4, 2019 Report Posted August 4, 2019 Daca dai search pe net gasesti link catre Attendance Login System, ceva "Simple application for employee attendance" bazat pe CodeIgniter - locul din care provine hash-ul tau, cel mai probabil. Scrie in README ca parola este "admin". Mergand mai departe, In libraria de management de parole gasesti modalitatea de generare, verificare, etc. a parolelor. In special, gasesti si segmentele: const HASH_SECTIONS = 4; const HASH_ALGORITHM_INDEX = 0; const HASH_ITERATION_INDEX = 1; const HASH_SALT_INDEX = 2; const HASH_PBKDF2_INDEX = 3; sha256 - algoritmul 1000 - numarul de iteratii afMG... - salt gjbZ... - functia de derivare, info mai jos in cod /* * PBKDF2 key derivation function as defined by RSA's PKCS #5: https://www.ietf.org/rfc/rfc2898.txt * $algorithm - The hash algorithm to use. Recommended: SHA256 * $password - The password. * $salt - A salt that is unique to the password. * $count - Iteration count. Higher is better, but slower. Recommended: At least 1000. * $key_length - The length of the derived key in bytes. * $raw_output - If true, the key is returned in raw binary format. Hex encoded otherwise. * Returns: A $key_length-byte key derived from the password and salt. * * Test vectors can be found here: https://www.ietf.org/rfc/rfc6070.txt * * This implementation of PBKDF2 was originally created by https://defuse.ca * With improvements by http://www.variations-of-shadow.com */ Quote
