Collaborate Disseminate
I’m trying to build a generic function to encrypt HMAC values with a single global secret key, but that can be "scoped" or salted by application/uses. For instance, an HMAC for a session token signature should not be the same as … Continue reading Key derivation for HMAC, concatenate vs multiple HMAC passes
If I am using SHA-512 hash values merely as a means to search fields that have been encrypted elsewhere, is it cryptographically secure enough to hash without salt?
For background, I have been given a non-negotiable requirement to encrypt … Continue reading Using hash to search encrypted records
I created an unshadowed file to run through john, it worked fine. I created some additional users and created a new file with those hashes in there. I run john and get
Using default input encoding: UTF-8
No password hashes loaded (see FAQ)… Continue reading john the ripper not not loading hashes
For example, a password hash is: edgjcgo4866864rfhobd38790g764hkp
Does having the hash of the password make it easier for the attacker to crack the password than not having the hash?
If yes, why does having the hash make it easier to crack… Continue reading Does having the hash make it easier to crack the password than not having the hash? [duplicate]
Binance public API supports access to specific operations with RSA key pair. Firstly customer generates an RSA key pair. The customer uses the secret key to hash(SHA256) the query string parameters and puts the hash value in the query stri… Continue reading Using two different random numbers instead of RSA Keys
Let’s say I want to deploy a simple static website (with no backend server) with some protected pages only visible after entering a password.
I could write a hardcoded salted hashed password and encrypt the protected data with it, but the … Continue reading Is any client-sided password just security by obscurity?
Can you help me get 10 Character String?
In order to get the String how it was before the Hashing Process,
you’ll need to brute force it. Now, to make this easier for you all,
I’ll reveal the format, however, we’ve have made it harder for… Continue reading Can you help me get 10 Character String? [closed]
I know that a password is stored as a hash, because then it is not possible to get the password even if you have access to the password database/file/…
But if you have access, couldn’t you just replace the password hash with some hash wh… Continue reading Why is it not possible to override password hashes
i have this hash list in which I have tried to identify the hash algorithm to no avail, any help will be greatly appreciated
†vƒRsv
} }ot>onk
†vƒRsv
ÁªÅƦŽµ®
³§£v…}
¬¦¼¹È´¾ª
·ª’ÁªÀÇy…
wzRrƒzv
¹£¸À¬Ž´º
v„…v†w…†
†vƒRsv
|o~x y}
::rqsvkx
}… Continue reading Unrecognized hash format [duplicate]
I’ve followed the instructions in this answer and ran apksigner from Android Build Tools in a first attempt to test the authenticity of two sideloaded APKs of the VR SecureGo Plus banking app that I’ve been using for years. The APK source… Continue reading Suspected fake online banking app [migrated]