Username: 
Password: 
Restrict session to IP 

WC4 hash list check up  Go to the WC Hashing Game challenge

Global Rank: 84
Totalscore: 184916
Posts: 6
Thanks: 5
UpVotes: 5
Registered: 16y 45d
IPYouFy`s Avatar


Last Seen: 12y 20d
The User is Offline
WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Hi,

is the WC4 hash list generated for this challenge all right? It seems a bit weird that it changes with each page refresh (WC3 list doesn't). Also, attacking WC4 hashes never got any result for me (which of course might be my problem Happy).

Edit: Never mind. It was my problem and the changing hash is actually a feature of the random salt...
Last edited by IPYouFy - Apr 07, 2011 - 02:17:25
Global Rank: 1496
Totalscore: 17340
Posts: 18
Thanks: 8
UpVotes: 11
Registered: 13y 124d
Last Seen: 51d 3h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Haven't noticed this before, but this should not pose a problem.

cheers, p0lar
Global Rank: 252
Totalscore: 87258
Posts: 1644
Thanks: 1343
UpVotes: 894
Registered: 16y 124d




Last Seen: 4d 8h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!2Good Post!0Bad Post! link
Quote from IPYouFy
Apr 06, 2011 - 22:35:11

Edit: Never mind. It was my problem and the changing hash is actually a feature of the random salt...


Of course i could have computed a fixed table for the hashes.
But this is against my "Code you see is code in use" philosophy Smile

Happy Challenging!
The geeks shall inherit the properties and methods of object earth.
Global Rank: 186
Totalscore: 110531
Posts: 88
Thanks: 78
UpVotes: 91
Registered: 9y 279d
occasus`s Avatar



Last Seen: 17d 12h
The User is Offline
RE: WC4 hash list check up
Google/translate1Thank You!1Good Post!0Bad Post! link
Hello all dear Challengers,
... I see right now how the hashes Happy shame on me. I leave the question under the spoiler so you can make fun of me Sad Smile
Kindest Regards to All - occasus

I got a little question about the code of WC4 part. On line 19 after the function hash(...) how to interpret this: ).$salt; ? I'm really not understanding that concatenation... Maybe it's obvious for many, but not for me, yet.

Any explanation highly appreciated Smile and thanks in advance
Last edited by occasus - Mar 19, 2020 - 03:26:26
Global Rank: 1
Totalscore: 759737
Posts: 434
Thanks: 493
UpVotes: 463
Registered: 14y 328d












The User is Offline
RE: WC4 hash list check up
Google/translate2Thank You!2Good Post!0Bad Post! link
Not really a spoiler, but...
This is normal when you have a unique salt per password hash, as is the case here. Here you have to store the salt with the hash, otherwise you cannot verify the hash at a later point. Perhaps it is clearer if you try to make corresponding verification functions (e.g. function verify_wc4($password, $hash)).

The reason to do this should be(come) clear from the difference in cracking the WC3 and WC4 hashes.
Redknee, tunelko, silenttrack, n0tHappy, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, kalungmas have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 13614 times.