Password 101 (part 1): hashes and salts Hardware and Software by happygeek … a dictionary attack against those identified user logins with matching hashes and, more often than not, getting lucky with a good… tables** Rainbow tables are pre-computed lists of the cryptographic hashes relating to any possible password of specific lengths from specific… Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe … and time again to be breakable. This is why most hashes and symmectic cypthers use linear algebra. Because it's very… Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe … algorithm, most companies would stick with the default number of hashes (proper KDF's don't loose security, even if the… php5 mysql5 with ssl mismatch hashes Programming Web Development by sleign …'t match for either hash type. is ssl preventing the hashes from matching? one thing I did notice, was that when… script to insert a new user in the database, the hashes matched for both the database and the echo'd hash… password I used when I inserted a new record, the hashes fail to match again. all I'm doing for the… MD5 hashes, only numbers of letters Programming Computer Science by Pytho Hi all I'm not sure is this the right place to post this, other places are strongly oriented to the real programming. However... I know some MD5 hashes contains only numbers or letters, but I don't know which one. Some string X gives only letters in the hash, Y gives only numbers. Do you know which strings give those hashes? Array of hashes in c++ Programming Software Development by Web_Sailor Hi, I am used to array of hashes in perl. So I was trying to do something like … MD5 Hashes Hardware and Software Information Security by onlinessp Hi, i need MD5 Hashes of all the virus can any one help me to finding them. Thanks Retrieve Keys from Multivalue Hashes Programming Software Development by abhik1368 … query and a problem in perl hashing. I have two hashes containing Hash 1 Hash 2 a=> 1 1 =>… Perl Hashes and HTML Table Programming Software Development by vivek.vivek … value for the same hours for ServerA and ServerB. Using Hashes, I am able to add the server value per hour… Re: Password hashes differ in development and live server Programming Web Development by LastMitch … with wamp it doesn't work. I actually still learning hashes on my own. It should work the same either online… back to this example to see how to create other hashes code: <?php function create_parameters($array){ $data = ''; $ret = array(); foreach… Re: Making hashes on the fly with name dictated by a variable string Programming Software Development by Comatose I'm not sure if you can actually specify the name of the hash with content contained in a variable, but something you may be interested in checking out is "annonymous hashes" Re: Password 101 (part 1): hashes and salts Hardware and Software by ryantroop For a simple PHP example of this in "practice" have a look here: http://www.daniweb.com/web-development/php/threads/431052/how-to-have-a-password-security#post1847238 It never did get any comments for improvement or correction. It would be interesting to see if this post drums up some new ideas. Also, I know some languages are pushing … Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe One thing: Using a salted hash alone isn' nearly enough. For the sake of other peoples security, please please please don't roll out your own, unless you know what your doing, and you have people review it. Use a [Key Derivation function](http://en.wikipedia.org/wiki/Key_derivation_function) that an experienced cryptographer made for you. Examples… Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe I'm going to elaborate more on how rainbow tables work. You've got the just of it though. (I study mathematics and computer science at university by the way, and have commited quite a bit of time into cryptography. That being said, I still find it hard sometimes to read cryptographic papers.) Let's say you have a hashed password with a salt, and … Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe Something else interesting to add to this. This is a table presented in a [paper](http://www.tarsnap.com/scrypt/scrypt.pdf) for scrypt. It shows how much money it would cost to break passwords with in a year with various algorithms: ![68f3ab39639186a500cb43fe125c8c04](/attachments/small/1/68f3ab39639186a500cb43fe125c8c04.png "align-left"… Re: Password 101 (part 1): hashes and salts Hardware and Software by ryantroop If you look closely at what I suggested in the link, you are not simply hashing the password once with a single salt. In fact, you are hashing 10 times over a composite hash of the salt + pw + pepper, which originates as a salt + pw hash in the first place. All of that hashed with SHA256. I cant image a rainbow table being of any use against this… Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe Actually, I forgot to mention something about rainbow tables (my apologies). Once you has a random password hash, you have some sort of mapping back to your keyspace. In terms of ryantroop's algorithm, it would just be the keyspace and a known username. You keep applying the hash and mapping over and over again. I hope that makes it more clear. (… Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe If you wanted to though, you could make your algorithm more secure (again, i'm not making and guarentees here, use a professionally implemented algorithm) by using more memory (in a carefull way) for it, and using maybe about 20000 iterations instead. The idea with using more memory is that it makes parallelization more difficult. Your salt should … Re: Password 101 (part 1): hashes and salts Hardware and Software by ryantroop Im in total agreement that security through obscurity is a fools errand. I agree, more iterations would not hurt. 10 is a bit weak, but that was demonstrative in nature. Regardless of that, though, I am curious what your plan of attack would be. Without having root access to the server, and getting the global salt, how would you deconstruct the… Re: Password 101 (part 1): hashes and salts Hardware and Software by Hiroshe I did some more digging into the size required for a rainbow table. It's highly dependant on the method your using and your hardware. A reasonable number might be 67108864, and thats times 512 bits for a chain for a total of 4Gb. That's nothing at all. It can easily fit into ram on a laptop. (numbers from https://www.freerainbowtables.com/en/faq/) Re: MD5 hashes, only numbers of letters Programming Computer Science by Rashakil Fol No. By the way, wtf is up with the advertisement in this thread? "Trying to Encrypt Your DB with MD5? ******* already does it. Try now!" WTF. Edit: But you can surely find one. Since you're talking about a hash that outputs 32 characters (in hexadecimal, which presumably is what you're talking about), each character has a 5/8 chance … Re: MD5 hashes, only numbers of letters Programming Computer Science by Pytho Well, 3,5 million guesses isn't so much. How should I brute force that? Re: MD5 hashes, only numbers of letters Programming Computer Science by Momerath This byte sequence (in hex) resulted in an MD5 hash of [icode]68 96 55 13 90 19 02 12 35 06 45 31 90 73 51 46[/icode] [code=text]A4 03 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 … Re: Array of hashes in c++ Programming Software Development by Web_Sailor Here is my attempt on this:- My input file looks like this:- [CODE]1 100 a Andrew USA 5580 mytext 101 200 b Andrew USA 780 mytext 201 300 c John USA 154 mytext 301 400 d Collin USA 880 mytext 401 500 e John USA 551 mytext 501 600 f John … Re: Array of hashes in c++ Programming Software Development by Web_Sailor I also get the "END" element by doing these changes:- [CODE] for(multimap<string, string>::iterator it = mmap.begin();it != mmap.end();++it) //for(int i=0; i<4; i++) if(mmap.count((*it).first) > 2) map2.insert(pair<string, string>((*it).first, (*it… Re: Array of hashes in c++ Programming Software Development by Web_Sailor No replies yet ? :) Re: MD5 Hashes Hardware and Software Information Security by onlinessp Here, i find these if any one of u need visit Thanks Re: Retrieve Keys from Multivalue Hashes Programming Software Development by 2teez Hi, Since you know hash 2 keys relate with hash 1 values, you can just say, print hash 1 key, when hash 1 value equals hash 2 key. Bingo!!! You are done. Like so: use warnings; use strict; my %hash1 = ( a => 1, b => 2, c => 1, d => 1, e => 2, f => 3, ); my %… Re: Perl Hashes and HTML Table Programming Software Development by vivek.vivek This is what I have done sofar...but out is not coming in correct way print $q->start_multipart_form( -name => 'main_form'); print "<tr><td></td></tr>"; print "<tr><td></td></tr>"; print "<td>"; print '<span … Re: Perl Hashes and HTML Table Programming Software Development by 2teez Hi vivek.vivek, Going by your output show, rightly like you are doing, one can use an hash. But since what is really needed is the hour and the number of value one can skip the rest. What i don't get in your post is what you pointed out as the problems. **But cannot pass it to a table.** How do you mean by this? I can also see that you are using…