Cryptohaze.com

[nem123]

Will you be giving support for smf 1.1.x sha1($username.$pass) ?

[Bitweasil]

At some point I might. Do you have details on the algorithm used?

Currently, I'm working on refactoring the code (again) and going to a network daemon based system that will make adding hashes much easier, support multiple GPUs, multiple CPUs, and allow all systems on a given network to contribute (I don't intend to support internet-scale deployments, as that adds much difficulty with results verification - trusted networks only, for now).

[nem123]

No i am very new to this.

[Bitweasil]

Find details on the algorithm and you will have a much higher chance of it being supported.

[Sc00bz]

It's stored in the database like this:
sha1(strtolower($username) . $password)

The session cookie is stored as (this is because they are dumb):

Code: Select all

$salt = substr(md5(mt_rand()), 0, 4);
sha1(sha1(strtolower($username) . $password) . $salt)

There is a problem the salt is only on the sever so you would need to brute force the four hex characters of salt too. Well that and it's 2 SHA1s instead of one SHA1.

[Bitweasil]

So 2000 SHA1s to test a single password with all salts, with no good way of extracting the salt? That sounds decent. Probably more vulnerable to dictionary attacks than brute force, but I'll see what I can do.

[nem123]

I'm newie but i have been using password pro and no need to enter a SALT to crack the SMF1.1.x HASH

It's only USER:HASH

No salt required.
hope that helps

[Bitweasil]

What exactly is SMF?

[nem123]

a forum hxxp://www.simplemachines.org/

[Sc00bz]

It's stored in the database like this:
sha1(strtolower($username) . $password)

The session cookie is stored as (this is because they are dumb):

Code: Select all

$salt = substr(md5(mt_rand()), 0, 4);
sha1(sha1(strtolower($username) . $password) . $salt)

There is a problem the salt is only on the sever so you would need to brute force the four hex characters of salt too. Well that and it's 2 SHA1s instead of one SHA1.

Hope that helps clear things up. I think nem123 is only interested in the database hash and not the session cookie. Also you'll need to do 65,537 SHA1s to test all the session cookie salts. Since the first 40 characters are the same you only need to do the first 10 out of 80 steps of SHA1 once for the 65,536 times you need to run SHA1.