博客给出一个链接 http://www.governmentsecurity.org/forum/index.php?showtopic=15193 ,原标签涉及认证、随机、字符、函数、登录、表格等信息技术相关概念。
zt http://www.governmentsecurity.org/forum/index.php?showtopic=15193
I can't understand hashes and salts. I made a password of 'a' on my Invision Forum and then I looked up the hash and the salt for it in my database. I typed in the salt and then 'a' beside it through Cain and Abel and got it to convert it to an MD5. I thought this hash would turn out the same as the one recorded in the forum. This is because I thought the salt gets appended to the password and then it is hashed. By appending a known salt to a known password I thought the hash would turn out the same. When I did this though the hash turned out different from the one recorded in the Invision Forum. Please explain
i posted this a while ago elsewhere and it seems to relate to your question
the following ipb function generates a random 5 character salt when that user registers their account for the first time. Note that random time is used.
function generate_password_salt($len=5)
{
$salt = '';
srand( (double)microtime() * 1000000 );
for ( $i = 0; $i < $len; $i++ )
{
$num = rand(33, 126);
if ( $num == '92' )
$num = 93;
$salt .= chr( $num );
}
return $salt;
}
now lets say that our randomly generated salt is '12345' (ok im being boring)
And that our password we use to login is 'qwerty'
take a look at the ibf_members_converge table it contains two important values
converge_pass_salt: contains the value '12345'
converge_pass_hash: contains md5( md5('12345').md5('qwerty') )
so this is what happens during authentication
if ( $this->member['converge_pass_hash'] == $this->generate_compiled_passhash( $this->member['converge_pass_salt'], $md5_once_password ) )
return TRUE; //all good :)
$this->member[] is just a private array of the class_converge which contains some of these values i mentioned
Take a look at class_converge.php it is where most of the action is at
To bruteforce the hashes you need the ibf_members_converge table.
1 pass of a generalised brute forcer may look like this:
if ( md5(salthash.md5(currvalue)) == myhash)
salthash is the md5 hash of our salt, currvalue is the current bruteforce string (eg a,ab,abc,etc), myhash is the hash you want to crack
Basically double the effort is required to break this and rainbowtables cant be used
As far is i can tell member_login_key which is in the ibf_members table is only to do with autologin? but i may be wrong
Please correct me if im wrong in any of this but you get the gist of it.
This is a smart move by forum developers to use a salt in order to protect their precious users so put your thinking hats on
the following ipb function generates a random 5 character salt when that user registers their account for the first time. Note that random time is used.
CODE
function generate_password_salt($len=5)
{
$salt = '';
srand( (double)microtime() * 1000000 );
for ( $i = 0; $i < $len; $i++ )
{
$num = rand(33, 126);
if ( $num == '92' )
$num = 93;
$salt .= chr( $num );
}
return $salt;
}
now lets say that our randomly generated salt is '12345' (ok im being boring)
And that our password we use to login is 'qwerty'
take a look at the ibf_members_converge table it contains two important values
converge_pass_salt: contains the value '12345'
converge_pass_hash: contains md5( md5('12345').md5('qwerty') )
so this is what happens during authentication
CODE
if ( $this->member['converge_pass_hash'] == $this->generate_compiled_passhash( $this->member['converge_pass_salt'], $md5_once_password ) )
return TRUE; //all good :)
$this->member[] is just a private array of the class_converge which contains some of these values i mentioned
Take a look at class_converge.php it is where most of the action is at
To bruteforce the hashes you need the ibf_members_converge table.
1 pass of a generalised brute forcer may look like this:
if ( md5(salthash.md5(currvalue)) == myhash)
salthash is the md5 hash of our salt, currvalue is the current bruteforce string (eg a,ab,abc,etc), myhash is the hash you want to crack
Basically double the effort is required to break this and rainbowtables cant be used
As far is i can tell member_login_key which is in the ibf_members table is only to do with autologin? but i may be wrong
Please correct me if im wrong in any of this but you get the gist of it.
This is a smart move by forum developers to use a salt in order to protect their precious users so put your thinking hats on
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
