Username: 
Password: 
Restrict session to IP 

WC4 hash list check up  Go to the WC Hashing Game challenge

Global Rank: 86
Totalscore: 184772
Posts: 6
Thanks: 5
UpVotes: 5
Registered: 16y 210d
IPYouFy`s Avatar


Last Seen: 12y 186d
The User is Offline
WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Hi,

is the WC4 hash list generated for this challenge all right? It seems a bit weird that it changes with each page refresh (WC3 list doesn't). Also, attacking WC4 hashes never got any result for me (which of course might be my problem Happy).

Edit: Never mind. It was my problem and the changing hash is actually a feature of the random salt...
Last edited by IPYouFy - Apr 07, 2011 - 02:17:25
Global Rank: 1508
Totalscore: 17314
Posts: 18
Thanks: 8
UpVotes: 11
Registered: 13y 290d
Last Seen: 216d 12h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Haven't noticed this before, but this should not pose a problem.

cheers, p0lar
Global Rank: 227
Totalscore: 94363
Posts: 1680
Thanks: 1358
UpVotes: 920
Registered: 16y 290d




Last Seen: 5d 15h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!2Good Post!0Bad Post! link
Quote from IPYouFy
Apr 06, 2011 - 22:35:11

Edit: Never mind. It was my problem and the changing hash is actually a feature of the random salt...


Of course i could have computed a fixed table for the hashes.
But this is against my "Code you see is code in use" philosophy Smile

Happy Challenging!
The geeks shall inherit the properties and methods of object earth.
Global Rank: 180
Totalscore: 111481
Posts: 95
Thanks: 84
UpVotes: 98
Registered: 10y 79d
occasus`s Avatar



Last Seen: 2d 12h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Hello all dear Challengers,
... I see right now how the hashes Happy shame on me. I leave the question under the spoiler so you can make fun of me Sad Smile
Kindest Regards to All - occasus

I got a little question about the code of WC4 part. On line 19 after the function hash(...) how to interpret this: ).$salt; ? I'm really not understanding that concatenation... Maybe it's obvious for many, but not for me, yet.

Any explanation highly appreciated Smile and thanks in advance
Last edited by occasus - Mar 19, 2020 - 03:26:26
Global Rank: 1
Totalscore: 759063
Posts: 437
Thanks: 496
UpVotes: 469
Registered: 15y 128d












The User is Offline
RE: WC4 hash list check up
Google/translate2Thank You!2Good Post!0Bad Post! link
Not really a spoiler, but...
This is normal when you have a unique salt per password hash, as is the case here. Here you have to store the salt with the hash, otherwise you cannot verify the hash at a later point. Perhaps it is clearer if you try to make corresponding verification functions (e.g. function verify_wc4($password, $hash)).

The reason to do this should be(come) clear from the difference in cracking the WC3 and WC4 hashes.
Redknee, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 13976 times.