Username: 
Password: 
Restrict session to IP 

WC4 hash list check up  Go to the WC Hashing Game challenge

Global Rank: 86
Totalscore: 184764
Posts: 6
Thanks: 5
UpVotes: 5
Registered: 16y 234d
IPYouFy`s Avatar


Last Seen: 12y 210d
The User is Offline
WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Hi,

is the WC4 hash list generated for this challenge all right? It seems a bit weird that it changes with each page refresh (WC3 list doesn't). Also, attacking WC4 hashes never got any result for me (which of course might be my problem Happy).

Edit: Never mind. It was my problem and the changing hash is actually a feature of the random salt...
Last edited by IPYouFy - Apr 07, 2011 - 02:17:25
Global Rank: 1432
Totalscore: 18339
Posts: 18
Thanks: 8
UpVotes: 11
Registered: 13y 314d
Last Seen: 1d 8h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Haven't noticed this before, but this should not pose a problem.

cheers, p0lar
Global Rank: 227
Totalscore: 94360
Posts: 1684
Thanks: 1360
UpVotes: 920
Registered: 16y 314d




Last Seen: 1d 11h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!2Good Post!0Bad Post! link
Quote from IPYouFy
Apr 06, 2011 - 22:35:11

Edit: Never mind. It was my problem and the changing hash is actually a feature of the random salt...


Of course i could have computed a fixed table for the hashes.
But this is against my "Code you see is code in use" philosophy Smile

Happy Challenging!
The geeks shall inherit the properties and methods of object earth.
Global Rank: 180
Totalscore: 111426
Posts: 95
Thanks: 84
UpVotes: 98
Registered: 10y 103d
occasus`s Avatar



Last Seen: 11d 17h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Hello all dear Challengers,
... I see right now how the hashes Happy shame on me. I leave the question under the spoiler so you can make fun of me Sad Smile
Kindest Regards to All - occasus

I got a little question about the code of WC4 part. On line 19 after the function hash(...) how to interpret this: ).$salt; ? I'm really not understanding that concatenation... Maybe it's obvious for many, but not for me, yet.

Any explanation highly appreciated Smile and thanks in advance
Last edited by occasus - Mar 19, 2020 - 03:26:26
Global Rank: 1
Totalscore: 758910
Posts: 437
Thanks: 497
UpVotes: 470
Registered: 15y 152d












The User is Offline
RE: WC4 hash list check up
Google/translate2Thank You!2Good Post!0Bad Post! link
Not really a spoiler, but...
This is normal when you have a unique salt per password hash, as is the case here. Here you have to store the salt with the hash, otherwise you cannot verify the hash at a later point. Perhaps it is clearer if you try to make corresponding verification functions (e.g. function verify_wc4($password, $hash)).

The reason to do this should be(come) clear from the difference in cracking the WC3 and WC4 hashes.
Redknee, tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 14015 times.