06-30-2017, 09:11 AM
Wow, this is a very nice analysis @epixoip! Well done!
That's some very precious knowledge about how PHP deals with a zero-length salt for sha512crypt (or better said, no salt at all) ... and might be crucial information for other users in the future (that have the same type of hashes - without salt -)
I'm not sure about the "a lot of trouble parsing" and "some bugs in our -m 1800 parser" though, do you think this is worth a github issue?
That's some very precious knowledge about how PHP deals with a zero-length salt for sha512crypt (or better said, no salt at all) ... and might be crucial information for other users in the future (that have the same type of hashes - without salt -)
I'm not sure about the "a lot of trouble parsing" and "some bugs in our -m 1800 parser" though, do you think this is worth a github issue?