Collaborate Disseminate
I obtained a sha1 hash and a salt from a vulnerable pen testing machine, but i cant seem to crack it using hashcat 3.4.0 and online tools. Am i supposed to format the hash and the salt differently?
The hashcat command I used is:
hashcat64…. Continue reading Cracking SHA1 Hash + Salt Help [closed]
This is a broader question but here a concrete example:
From apache.org:
File hashes are used to check that a file has been downloaded correctly. They do not provide any guarantees as to the authenticity of the file.
I don’t understand t… Continue reading Is a SHA checksum enough to verify integrity and authenticity?
In general(PKI), encryption happens with public key and decryption happens with private key. But, how Certificate Authority sign a digital certificate with private key? How this can be validated using public key in browser? What is the log… Continue reading why CA use private key to sign a digital certificate? What is the logic behind sign a digital certificate with CA private key?
I use a password scheme where I keep a small number of easy to remember personal passwords. Instead of using the passwords directly for each service, I run them through a hashing algorithm first, as a sort of a seed, together with the name… Continue reading How secure is this hash-based personal password scheme?
Is PBEWITHSHA256AND128BITAES-CBC-BC known to be outdated or is it considered robust?
Is it sufficient in applications that need to protect PII?
Thanks.
I was working on a project where two programs are exchanging information over a network. I am having them generate a public/private RSA key pair to encrypt traffic.
It seems that one of the programming language environments has a built-in… Continue reading Risk of downgrading SHA-512 to SHA-1
Security Newbie,
I’m using OpenSSL for my client, and noticed that when testing it against Bad ssl’s sha1-intermediate test, it accepts it although the agreed upon cipher is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f). I had to set the … Continue reading Does the entire certificate chain need to be signed with the agreed upon cipher under TLS?
I’m a computer engineering student and I want to implement a cryptographic function for a college project. I want to realize my personal implementation of a WPA2 hash producer in C (and upload it to my FPGA). The main goal would be to use … Continue reading SHA1 standard steps [migrated]
I have an openldap with ppolicy on SSHA-512. When clear text password is sent from client, the password will be stored as SSHA-512, fine.
My problem appears, once already hashed password is send e.g SHA, SSHA, the hashed value is encrypt… Continue reading Openldap re-encrypts already hashed password [migrated]
I am attempting to understand the format for this Salted SHA1 hash for an assignment. The line of text I was given was:
nameExample@email.com,nameExample,nameExample@email.com,nameExample,,,aadefeff82b5c1a2272079151dc489822aeaa6ca,7391178a… Continue reading Can’t solve format for Salted SHA1 hashes with Hashcat?