hashcat Forum
SHA1 bad result - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Ancient Versions (https://hashcat.net/forum/forum-46.html)
+--- Forum: Very old oclHashcat-plus Support (https://hashcat.net/forum/forum-23.html)
+--- Thread: SHA1 bad result (/thread-820.html)



SHA1 bad result - Mem5 - 01-12-2012

Hi,

oclhashcat-plus 0.07 gave me as a result :
Quote:139f69c93c042496a8e958ec5930662c6cccafbf:1:31

It seems wrong : SHA('1') is 356A192B7913B04C54574D18C28D46E6395428AB

Any ideas ?

Regards


RE: SHA1 bad result - atom - 01-13-2012

need more informations to that. hashfile, wordlist, rulefiles, commandline, version, etc.. all that is required to reproduce it locally.


RE: SHA1 bad result - Mem5 - 01-21-2012

I'll PM you.


RE: SHA1 bad result - atom - 01-21-2012

ok thanks for the files. i was able to reproduce what happend.

Quote:$ echo -n 1234 | iconv -f iso-8859-1 -t unicodelittle | sha1sum
139f69c93c042496a8e958ec5930662c6cccafbf -

your original password "1" has been converted to an unicode encoded string "1234" by applying some of the rule in your rules files. during the calculation of the new plain, it oversized the maximum length of 15 and got truncated therefore. but, because it was getting truncated, it matched the plain. in other words, you accidantialy hit the password by doing an illegal action with the rule engine (dont worry you can not control this behaivior). the rule engine just did what it was expected to to in case of an oversized calculation. in theory i could reject this "invalid" result but this would make the gpu engine very slow since gpus hate branches. so in my opinion it better to life with this. thanks for report