Posts: 2
Threads: 1
Joined: Jul 2022
07-27-2022, 05:12 AM
I have a hash algorithm:
Code:
const hash = (password) => {
const sha = crypto.createHash('sha256');
sha.update(password+SALT);
return sha.digest('base64').substr(0, 6);
};
But it just uses first 6 bytes after base64.
How can I solve it?
Posts: 197
Threads: 0
Joined: Nov 2017
This is not something hashcat can do. Also the first 6 bytes of base64 only gives you the first 4 bytes of the hash. So you lose 224 bits of info about the hash. This will result in *a lot* of false positives for the password+SALT combination resulting in those 4 bytes.
I doubt this is worth your time.
Posts: 2
Threads: 1
Joined: Jul 2022
07-27-2022, 01:46 PM
(07-27-2022, 09:48 AM)DanielG Wrote: This is not something hashcat can do. Also the first 6 bytes of base64 only gives you the first 4 bytes of the hash. So you lose 224 bits of info about the hash. This will result in *a lot* of false positives for the password+SALT combination resulting in those 4 bytes.
I doubt this is worth your time.
Oh I just need to get one possible answer of the password.
Posts: 893
Threads: 15
Joined: Sep 2017
(07-27-2022, 01:46 PM)huolongguo10 Wrote: (07-27-2022, 09:48 AM)DanielG Wrote: This is not something hashcat can do. Also the first 6 bytes of base64 only gives you the first 4 bytes of the hash. So you lose 224 bits of info about the hash. This will result in *a lot* of false positives for the password+SALT combination resulting in those 4 bytes.
I doubt this is worth your time.
Oh I just need to get one possible answer of the password.
do you know the salt and the 6 bytes? if yes, implement this "algorithm" in any programming/scripting language and feed this with bruteforce generated strings and break when this algo hits your 6 bytes (feeding incrementing numbers only maybe also work) well this sounds like a funny "give it a try" project for tomorrow (i will try to find a collision with numbers for sha(string+SALT)