Search
Member List
Calendar
Help
|
Custom password separator in md5($salt.$pass)
|
|
04-10-2012, 10:18 PM
(This post was last modified: 04-11-2012 03:55 AM by oxaners.)
Post: #2
|
|||
|
|||
|
RE: Custom password separator in md5($salt.$pass)
Any attack on md5($salt.$pass) that prepends ?s should crack this if I understand your algorithm correctly. Essentially you are just prepending "/" to everyone's passwords, then calculating the md5($salt.$pass). If an attacker knows this is the algorithm (they would probably see the pattern after a few results with "/" prepended), they could just prepend the "/" to every string in their dictionary (as long as the password is in their dictionary already as a whole or only needs mangling/appending), or append it to the salt.
I'm not coming up with the same hash as you for this though, your example should end up being md5( VTw10NR/password ) which I calculate to be 75f10ef81001f0f1e1f90008a69bd409, so maybe I'm missing something? |
|||
|
|
« Next Oldest | Next Newest »
|
| Messages In This Thread |
|
Custom password separator in md5($salt.$pass) - dodg3r - 04-10-2012, 09:57 PM
RE: Custom password separator in md5($salt.$pass) - oxaners - 04-10-2012 10:18 PM
RE: Custom password separator in md5($salt.$pass) - dodg3r - 04-10-2012, 10:34 PM
RE: Custom password separator in md5($salt.$pass) - undeath - 04-11-2012, 12:24 AM
RE: Custom password separator in md5($salt.$pass) - dodg3r - 04-11-2012, 12:57 AM
RE: Custom password separator in md5($salt.$pass) - undeath - 04-11-2012, 01:04 AM
RE: Custom password separator in md5($salt.$pass) - oxaners - 04-11-2012, 04:05 AM
RE: Custom password separator in md5($salt.$pass) - .::Rizwan::. - 05-02-2012, 09:52 PM
|