Collaborate Disseminate
Why doesn’t my conversion from id_rsa work?
I have an empty file in the final conversion idrsa.hash
and when I use command cat idrsa.hash to check the result is
ERRNO2 no such file or directory : id_rsa
impossible to convert the file wit… Continue reading error john the ripper on id_rsa conversion
Goal:
Given a trusted server S and n low-power devices Ai, comprised of a trusted part Ai,T and an untrusted part Ai,U, we want S to able to discover the set of all devices within wireless range of Ai. This information is crucial, as it wi… Continue reading Preventing secret tunnels in IoT device discovery
I have been researching kerberos and ntlm for the last couple of days and still got one thing unresolved.
After an interactive logon with kerberos, you will have in the cached credentials both kerberos tickets and ntlm hashes. I figured wi… Continue reading How NTLM SSO is preformed on smartcard Kerberos logon?
How does Linux know if a new password is a "wrapped" version of an old password?
(or, the process of creating a new password) know "certain" parts of one’s password?
Let’s say I have the password abcEFGH123321 and I set… Continue reading How does Linux know if a new password is a "wrapped" version of a old one?
How unsafe would be to publish the hash of my passwords?
I have written a Python script for helping me to remember my basic passwords (computer password, encrypted backup password, AppleID password, and KeyChain password).
It is hardcoded … Continue reading Is it safe to publish the hash of my passwords?
An attacker want’s access to a specific account, he doesn’t know the password.
It’s a high entropy password. +128bits
The attacker has the hash for the password (Assuming OWASP suggested bcrypt with cost 12)
The attacker has a list with n… Continue reading Having a list of hashes for the same password compromise the security of the password?
Considering:
A VERY motivated attacker,
A large entropy password, as in 256bits¹ hashed in bcrypt (with recommended cost factor of 12), and
Attacker knowledge of everything he might need (except the password): hash, salt, cost, etc [AFAIK… Continue reading Are bcrypt hashes safe enough if exposed?
Confidentiality is the property of a message whereby no one but the person who knows a secret (let’s calle it K) can read the message.
Hashes do not provide confidentiality (data is destroyed, you can’t recover it)
Following these defini… Continue reading Is it OK to hash sensitive data, given hashes provide no confidentiality?
I’m currently doing some research on a pretty huge list of hashes (approx. 2 millions) and thus I’d like to improve my cracking speed. The hash format is 12 rounds of SHA512(password + salt), which could be written like this: sha512(sha512… Continue reading Dynamic format used in John the Ripper jumbo way slower than MDXFind
I am trying to configure Raspberry Pi OS to be read-only.
In theory, both / and /boot are read-only. That being said, I am experiencing a strange discrepancy and can’t figure out what is happening.
I create clones of /boot using dd before … Continue reading What can make unmounted volumes SHA512 hashes differ while mounted volumes content SHA512 hashes are identical?