Announcement

Collapse
No announcement yet.

Decrypting a Hash Password.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by Floydr47
    Would the hash for "bannana" remain the same whether it was, say for instance, an AOL password or an MSN password or would each create it's own hash?
    Each program tends to use its own little tricks and algorithms, so the hashes tend to be different.

    Note that if the hashing technique is the same, obtaining the hash may be as good as obtaining the password. Some applications go out of their way to avoid this problem by adding, for example, the application name or the name of the authenticating server. This is merely a more advanced technique of salting (also called nonce depending on the context).

    Originally posted by Floydr47
    If the hash changed from one to the other then the theory of hashing a dictionary + 2 wouldn't hold water would it?
    In the real world, people tend to use the same password for multiple accounts. Although the database is specific to one application, cracking that application yields access to the other accounts.

    Comment


    • #17
      wow...thanks for the reply's all. Thats exactly what I was needing.....thanks a bunch every1.

      Comment


      • #18
        You think that is bad, lets really start confusing people and explaining the RSA algs for encryption... ;)

        LosT

        Comment


        • #19
          Originally posted by LosT
          You think that is bad, lets really start confusing people and explaining the RSA algs for encryption...
          Bah! RSA is the easy one (especially for mathmagicians). I could explain it to someone in less than an hour.

          Proving it, though...

          Comment


          • #20
            Originally posted by Voltage Spike
            Bah! RSA is the easy one (especially for mathmagicians). I could explain it to someone in less than an hour.

            Proving it, though...

            Hehhee, true, but if they are having problems with something like simple one way hashes, then RSA would be totally confusing...I cross what? Where? Huh? ;)

            LosT

            Comment


            • #21
              Originally posted by LosT
              Hehhee, true, but if they are having problems with something like simple one way hashes, then RSA would be totally confusing...I cross what? Where? Huh? ;)

              LosT
              Personally I have never had a problem with "simple one way hashes" because had it not been for this discussion I probably would have never given them a second thought. As far as being confusing, many things about computers are confusing to me, usually however, after logical discussion they seem to be more clear. I understand more about hashes now than if I had never read this thread. I am quite sure that given time and solid information I would understand RSA as well as anyone. Life is a learning experience, show me a man who claims to know everthing there is to know and I'll show you a damned liar.
              I enjoy talking to myself...it's usually the only intelligent conversations I get to have.

              Comment


              • #22
                As far as being confusing, many things about computers are confusing to me, usually however, after logical discussion they seem to be more clear
                Same thing goes for me, specially when its analogy time :)
                It is true that reading maketh a full man.
                ...reminds me of the men of four.

                "He who knows not and knows not that he knows not is a fool; shun him.
                He who knows not and knows that he knows not is a child; teach him.
                He who knows but knows not that he knows is asleep; wake him.
                He who knows and knows that he knows is wise; follow him."

                BK
                Temet Nosce

                Comment


                • #23
                  Originally posted by Floydr47
                  show me a man who claims to know everthing there is to know and I'll show you a damned liar.
                  3 Curious humans waiting to asked questions of the Great Oracle of Delphi, and each can learn from the those who preceed them.

                  Oracle: I AM THE GREAT ORACLE OF DELPHI! I KNOW EVERYTHING YOU NEED TO KNOW! ASK ME A QUESTION!
                  Curious Human 1: Could ask any question on any topic?
                  Oracle: YES.
                  Curious Human 1: Oh! What are the lottery numbers tomorrow?
                  Oracle: YOU ASKED YOUR QUESTION. NEXT!

                  Oracle: I AM THE GREAT ORACLE OF DELPHI! I KNOW EVERYTHING YOU NEED TO KNOW! ASK ME A QUESTION!
                  Curious Human 2: What will the score of the game tomorrow be, before it starts?
                  Oracle: ZERO TO ZERO! NEXT!

                  Oracle: I AM THE GREAT ORACLE OF DELPHI! I KNOW EVERYTHING YOU NEED TO KNOW! ASK ME A QUESTION!
                  Curious Human 3: How can I know as much as you, Great Oracle?
                  Oracle: YOU DON'T NEED TO KNOW THAT!

                  Originally posted by badkarma
                  ..."He who knows not ..."
                  I've grown to like:
                  "(s)he who knows not, and knows not how to research is ingnorant and deserves to be ignored."

                  It's like telling people to 'google it' and having them reply with, "google did not help," or, "google did not return anything." When you verify that google does help, you know they are unwilling or unable to research.
                  Last edited by TheCotMan; April 5, 2005, 10:47.

                  Comment


                  • #24
                    Take a look at rainbowcrack, it uses rainbow tables to bruteforce hashes.
                    http://www.antsight.com/zsl/rainbowcrack/
                    -- dev_zero@

                    Comment


                    • #25
                      Originally posted by TheCotMan
                      I've grown to like:
                      "(s)he who knows not, and knows not how to research is ingnorant and deserves to be ignored."

                      It's like telling people to 'google it' and having them reply with, "google did not help," or, "google did not return anything." When you verify that google does help, you know they are unwilling or unable to research.

                      Exactly my point earlier...the concepts behind hashes should be easy to get from Google...pretty standard info. I usually don't like the 'give me the answer' people, but prefer the 'help me get the answer, I'm working on it but I'm stuck' people. I always strive to be that kind of a person when seeking help.

                      LosT

                      Comment


                      • #26
                        thanks for all your support every1. I did alot of reasearch on my own, but when you hit that wall you need some help. And yall have done just that, thanks again every1. love the forum : ]

                        Comment

                        Working...
                        X