MySQL323 - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Misc (https://hashcat.net/forum/forum-15.html) +--- Forum: General Talk (https://hashcat.net/forum/forum-33.html) +--- Thread: MySQL323 (/thread-3210.html)

MySQL323 - Keeper. - 03-07-2014 Greetings, So I was wondering what is really behind the older version of MySQL's hashing algorithm - MySQL 4.1.0? As of MySQL 4.1.1 it's clear that it is sha1(unhex(sha1($pass))) producing a 41-byte string but what about the one that produces a 16-byte string? Also, why does it have multiple possible plaintext values? Hope this hasn't been discussed before since I didn't bother to check. RE: MySQL323 - magnum - 03-08-2014 It's a custom hash function. Like most other home-brewn hash functions it has serious flaws for this use. This is a reason you see many hash collisions. Another reason is simply the fact that the output is as short as 64 bits. Regardless of the quality of a hash function, if it has n bits of output it is simply bound to have at least one hash collision for 2ⁿ+1 inputs. RE: MySQL323 - epixoip - 03-08-2014 http://tobtu.com/mysql323.php http://tobtu.com/mysql323code.php