09-05-2016, 08:51 PM
(This post was last modified: 09-06-2016, 11:31 PM by norfSprite.)
(09-03-2016, 11:22 AM)atom Wrote: In theory you just need to know the first, maybe 8 byte, to check if the password was correct. The salt length is limited, however, but can be of dynamic length if it's not too long.
Interesting I did not know that, that seems like a critical flaw.
Is there documentation about this that you could point me to?
Edit: testing shows that the password is recoverable with only 32 bytes (b64 format), the other 12 can be any valid b64 character.
The hash displayed when cracked has the last two characters changed, why is this?
SCRYPT:16384:8:1:d29ybGQ=:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxkfesTIiWK
SCRYPT:16384:8:1:d29ybGQ=:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxkfesTIiU=:hashhashhashhashhashhashhash
Session.Name...: hashcat
Status.........: Cracked
Input.Mode.....: File (scryptTests/s.dict)
Hash.Target....: SCRYPT:16384:8:1:d29ybGQ=:kV5oiUfzPhEra/O...
Hash.Type......: scrypt