What kind of application it is? If it's a Windows application then you can look for Application ActiveXs, COM dlls and maybe found the ones that do the password hashing and then you can use them to crack the passwords. Cesar. --- Ronish Mehta <sf_mail_sbmat_private> wrote: > --- David Schwartz <davidsat_private> wrote: > > Two things: > > > > 1) You should have hashed a few of the shortest > > possible passwords, like > > 'a' and 'b' if the program would allow you to. At > > minimum, you should have > > hased passwords that are much more similar, like > > 'foo0' and 'foo1', or > > ideally '0' and '1'. You have no passwords that > > differ by only one > > character. > > Application does not allow to put smaller passwords > > Password0 - D5FBB0C7C20D9CE79D3B837BD6FB3505 > Password3 - D5FBB0C7C20D9CE7B872B3A0BD587B8D > Password4 - D5FBB0C7C20D9CE7BE369511C82DD666 > Password5 - D5FBB0C7C20D9CE75B475FA1726B4870 > > > 2) You need to tell people what it is they're > > working on. If we're going to > > help you compromise the security of something, we > > need to know what it is. > > You don't mention whether this is an algorithm you > > constructed just for this > > challenge or whether it's a real algorithm. > > This is a real algorithm. It is used in a small > application used at the company I work for, I posted > this because i need to make a password audit for > weak > passwords, I have full access to the database this > is > how i get access to the hashes! > We do not have access to the source code, so i can;t > figure out the algorithm > > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site > design software > http://sitebuilder.yahoo.com __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
This archive was generated by hypermail 2b30 : Fri Aug 01 2003 - 13:23:55 PDT