Collaborate Disseminate
I am looking to hash user passwords to store in a database that will likely reside on a user’s intranet, so I am expecting the database to be classed as open and insecure.
I am using libsodium 1.0.18 to perform the password hashing.
Is thi… Continue reading Good use of libsodium?
I am running Responder on Kali Linux within a client network using the following command
sudo responder -I eth0 -w -r -d
which is capturing many hashes in the environment. Responder is a LLMNR, NBT-NS and MDNS poisoner used for MITM attac… Continue reading Running Responder outputs many hashes per user, how is this possible?
We use a linked hash list for data integrity.
Content is hashed (HMAC-SHA256) and stored in a block that itself is hashed and referenced in the next block:
Simplified example:
…
{
id: "block1",
cId: "A",
cHas… Continue reading How to confirm the last entry of a linked hash list
I tried writing two hashing function and compared it to MurmurHash64A. To my disappointment one was better but maybe 1.5x slower and the other was slightly faster but had more collisions when I truncated the bits to put in my hash table ((… Continue reading Fast string hash function for a specific table size? [migrated]
I would like to compute the MD5 hash of a file
The file is uploaded to my webserver by my clients
The file is uploaded in pieces (called chunks)
The client also sends the md5 hash of the file so that the file integrity could be verified
Th… Continue reading Is MD5 hashing possible by divide and conquer algorithm
As part of incident response to malicious code outbreak and given the hash value of the malicious artifact, I would like to search across the entire organization for this specific hash value.
Do you know of best practices or solutions that… Continue reading Enpoint protection: How to search an organisation for hash value
I have a VueJs app which I bought, It’s working fine, but I recently discovered that whenever I click any button to Submit a form, it sends the form input values AND the following string:
%2BgzOVm2LDG5gAXBMBh7ujDmozZMP16oQRtDm1mzNoVrKhQZaB… Continue reading Unknown Encrypted text when sending requests [closed]
I know this is a stupid question but I’ve been trying to crack this password hash:
$6$VQoztKJH$0aL8rygMd8gfX7m8cTRWOn4pqQ6bA/jkPyQSnzU0g10E0UiMQjIijs/66vflY7cMrGSKmmiBWE7r8oNCDQc3D/
I’ve been trying this for like 2 days now and no-matter … Continue reading Did someone crack this password hash? [closed]
We are using Java and we are planning to create a reusable API that can be used to generate and validate custom tokens. This is how we will do it
Step 1: Generate a random number using a good a CSPRNG (Cryptographically Secure Pseudorandom… Continue reading Generating tokens via PRNG and Hashing
In a project of mine, I have two fields which I need to use for storing a cryptographic signature (hash) of a file, but I can only use 112 bits in total, spread as 16+12 hex chars in those two fields.
Since I cannot store a full SHA256, I … Continue reading Can a truncated crypto hash of a truncated crypto hash help harden a resource against attacks?