Collaborate Disseminate
I have few WPA handshakes captured. I want to crack the passwords using a brute force attack with Hashcat. How can I find the guess mask (wifi password length) for this attack? Is there any way to find the wifi password length from hash fi… Continue reading Get length of a wifi password using wpa handshake
I am aware of at least one solution for this, but times change and standards change, and I’m not an expert in this field.
So for the average person looking to create secure hashes for passwords and other uses, what is a good tool for that?… Continue reading What’s a good password hashing tool for the general public? [closed]
Can anyone tell me how to dump the Windows 11 PIN? I tried dumping SAM and SYSTEM but the PIN hash is not there. What mode we can use in hashcat to crack it?
Do you have to make a key hash with securely-optimum setting (eg. 100MB memlimit, 3 opslimit) for encryption ?
So I’m making a text encryption function with javascript, using XChaCha20-Poly1305 and Argon2id. It’s already working. The way i… Continue reading Key Hash With Securely-Optimal Setting : For Encryption vs For Password
Now this may seem like a stupid question, but it just occurred to me: How secure is base64 encoding compared to (plain) hashing?
Nobody can read base64 code by itself, but it still isn’t that hard to decode it:
atob("SomePasswordInBas… Continue reading Using base64 for secure encoding [duplicate]
We (collectively) salt passwords, then hash them; maybe even run them through something like PBKDF2 first (depending on how the password will be used).
The end result is that we have a string p and map it to a fixed-length string p’ using … Continue reading How certain is it that a shorter password can’t match the salted hash of a long one? [migrated]
I am making a simple ticketing system for a small local party so people can order their tickets for the party online.
It works like this:
The user enters his info.
He pays for the ticket.
If the payment was successful a unique openssl_ran… Continue reading Saving the code of a ticket unhashed
I have a .dmg file on my MacBook. I have forgotten the password of the .dmg file and now I’m not able to access the files in it.
I tried using John the Ripper. However, whenever I run john –format=dmg-opencl (*insert filename here), I alw… Continue reading How to create a hash file of a .dmg file for use in JTR?
In hashcat, when we need to crack password based on wordlist, but additionally want to try partly bruteforce random ASCII characters in the end of any entry from the wordlist, we can use the following command:
hashcat -a 6 -m 1800 .\unshad… Continue reading john the ripper tool – how to combine wordlist with incremental modes?
I have to secure HTTP requests`s body on application layer, so I wanted to generate signatures with hash of body and the receiver will validate it.
But I can do it in different way and apply it into existing architecture. My server already… Continue reading Applying application-level signing in HTTP