
SMF Support sha1($username.$pass) ?

Posted: Mon May 04, 2009 4:45 pm
by nem123
Will you be giving support for SMF 1.1.x sha1($username.$pass)?

Re: SMF Support sha1($username.$pass) ?

Posted: Mon May 04, 2009 4:50 pm
by Bitweasil
At some point I might. Do you have details on the algorithm used?

Currently, I'm working on refactoring the code (again) and going to a network daemon based system that will make adding hashes much easier, support multiple GPUs, multiple CPUs, and allow all systems on a given network to contribute (I don't intend to support internet-scale deployments, as that adds much difficulty with results verification - trusted networks only, for now).

Re: SMF Support sha1($username.$pass) ?

Posted: Mon May 04, 2009 4:55 pm
by nem123
No, I am very new to this.

Re: SMF Support sha1($username.$pass) ?

Posted: Mon May 04, 2009 5:06 pm
by Bitweasil
Find details on the algorithm and you will have a much higher chance of it being supported.

Re: SMF Support sha1($username.$pass) ?

Posted: Tue May 05, 2009 2:14 am
by Sc00bz
It's stored in the database like this:
sha1(strtolower($username) . $password)

The session cookie is stored as (this is because they are dumb):
Code:
$salt = substr(md5(mt_rand()), 0, 4);
sha1(sha1(strtolower($username) . $password) . $salt)

There is a problem: the salt is only on the server, so you would need to brute force the four hex characters of salt too. Well, that and it's 2 SHA1s instead of one SHA1.

Re: SMF Support sha1($username.$pass) ?

Posted: Tue May 05, 2009 2:40 am
by Bitweasil
So 2000 SHA1s to test a single password with all salts, with no good way of extracting the salt? That sounds decent. Probably more vulnerable to dictionary attacks than brute force, but I'll see what I can do.

Re: SMF Support sha1($username.$pass) ?

Posted: Tue May 05, 2009 2:36 pm
by nem123
I'm a newbie, but I have been using Password Pro and there's no need to enter a SALT to crack the SMF1.1.x HASH.

It's only USER:HASH

No salt required.
Hope that helps.

Re: SMF Support sha1($username.$pass) ?

Posted: Tue May 05, 2009 3:00 pm
by Bitweasil
What exactly is SMF?

Re: SMF Support sha1($username.$pass) ?

Posted: Tue May 05, 2009 3:07 pm
by nem123

Re: SMF Support sha1($username.$pass) ?

Posted: Fri May 08, 2009 8:49 am
by Sc00bz
Sc00bz wrote:
It's stored in the database like this:
sha1(strtolower($username) . $password)

The session cookie is stored as (this is because they are dumb):
Code:
$salt = substr(md5(mt_rand()), 0, 4);
sha1(sha1(strtolower($username) . $password) . $salt)

There is a problem: the salt is only on the server, so you would need to brute force the four hex characters of salt too. Well, that and it's 2 SHA1s instead of one SHA1.

Hope that helps clear things up. I think nem123 is only interested in the database hash and not the session cookie. Also you'll need to do 65,537 SHA1s to test all the session cookie salts. Since the first 40 characters are the same you only need to do the first 10 out of 80 steps of SHA1 once for the 65,536 times you need to run SHA1.
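
A defender's view of the database hash format described in this thread, as an added example that is not part of any post and is not SMF's own code: it reproduces `sha1(strtolower($username) . $password)` and shows how existing rows can be wrapped in a slow, randomly salted KDF without knowing the passwords. The function names, the `pbkdf2-sha1wrap` record format, the iteration count and the sample account are assumptions made for illustration.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000   # assumed work factor, tune for your hardware
SCHEME = "pbkdf2-sha1wrap"    # hypothetical label for the upgraded record


def smf_legacy_hash(username: str, password: str) -> str:
    """sha1(strtolower($username) . $password), as given in the thread."""
    # bytes.lower() only folds ASCII letters; non-ASCII usernames may be
    # folded differently by PHP's strtolower() depending on version/locale.
    data = username.encode("utf-8").lower() + password.encode("utf-8")
    return hashlib.sha1(data).hexdigest()


def wrap_legacy_hash(legacy_hex: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Wrap an existing 40-hex-char row in a slow, randomly salted KDF.

    Works on the whole user table at once because it needs only the stored
    hash, not the plaintext password.
    """
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", legacy_hex.encode("ascii"), salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${dk.hex()}"


def verify(username: str, password: str, stored: str) -> bool:
    """Check a login attempt against a wrapped record."""
    try:
        scheme, iterations, salt_hex, dk_hex = stored.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != SCHEME or rounds < 1:
        return False
    inner = smf_legacy_hash(username, password).encode("ascii")
    candidate = hashlib.pbkdf2_hmac("sha256", inner, salt, rounds)
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    row = smf_legacy_hash("Alice", "correct horse")   # constructed sample account
    upgraded = wrap_legacy_hash(row)
    print(upgraded)
    print(verify("ALICE", "correct horse", upgraded), verify("alice", "wrong", upgraded))
```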