sha1($salt.$pass) fails with salt larger than 49 characters
#1
Hi,

As per the topic, sha1($salt.$pass) with a salt larger than 49 characters fails to work properly.

For example, from the plaintext 'bacon' (with salt:hash, in case it isn't immediately obvious):

49 character salt:
12345678901234567890b8d07d079c75d3aaaaaaaaaaaaaaa:6033d8cebf4e8532a1822de2d5d0d999faff6ead

hashcat recovers the password just fine.

50 character salt:
12345678901234567890b8d07d079c75d3aaaaaaaaaaaaaaaa:30d0b1d0453f7b80f7c096f75c19e91e31be9f18

hashcat fails to recover the password, even if using a wordlist containing the plaintext (bruteforce fails too, obviously).

This is cudaHashcat-plus64 on Windows 7, latest build.

Does anyone have any suggestions / workarounds? I'm happy to post any output / debug messages that may be required to help resolve this.

Thanks! Smile


Messages In This Thread
sha1($salt.$pass) fails with salt larger than 49 characters - by WiteRabit - 12-19-2012, 10:39 AM