As a proof, post xsha1 hash of string not longer that 16 characters and sha1 hash of same string. If the hashes are made of same string, i'll post the corresponding string. Any characters (\x00-\xff) are allowed.
I don't understand... xsha1 has been reversed.
Where?
Everywhere?
You mean what i have written - you can obtain a password from xsha1 hash?
You can't do that with xsha1 or especially sha1 (except by making a table with all possible passwords leading to all possible results). That's the point of a hashing algorithm...
Just read the op post... (Is it true that most persons here are native english speakers? I highly doubt that now)
So, what you're claiming is that you have been able to successfully un-hash a string, then?
A hash is a one-way function. Like Ribose said, the only way to go backwards is to create a table.
Why do you talk instead of testing that?
I'm not sure what you're talking about, but I'm pretty sure you don't know what you're talking about either.
Lol retard, if you are unabled to read the first post in this topic, so i'll do it for you:
Post here xsha1 and sha1 hashes of any string no longer that 16 characters, and i'll try to decrypt it. Undestand?
And now you've proven my point: you don't know what you're talking about.
All you'll be able to do is find collisions. You can't "decrypt" a hash because it's not a crypt, it's a hash.
IF you wanna pay attention on terminology, that's not collision but first preimage.
And yes, this forum went completely retarded. What was happened with old VL, after some admin retard has nuked the database for last half year?
I thought you are one of few working Battle.Net programming forums, but no. Not anymore.
xpeh still trolls here?
xpeh, when you input into SHA1, infomation is lost, thus your not going to beable to otain said infomation with out finding a clash, a 16byte string that produces the same 20 byte hash. Anyone able to write a loop should beable to do this. You can not "reverse" a hash back to its orginal form, due to the lossy nature of hashing. FACEPALM.
More to the point, what does this have to do with bot development?
He's telling the truth I just found out about XSHA1 today and well I wrote a program to reverse an XSHA1 (http://www.tobtu.com/revxsha1.php)...
I found a collision (takes 10.8 seconds to run through 0-20 characters):
hash:hex of password:password
99f0fab8b5b4523e0d58e5efe126fa5f12633b4b:31323334353637383930:1234567890
99f0fab8b5b4523e0d58e5efe126fa5f12633b4b:3d750222f3e685ee030cb703a736efda18021630:=u.".........6.....0
(Sorry I didn't find a collision without control characters. You'll need to use the hex to verify.)
That's not reversing...you aren't recovering the original data.
That the algorithm is very weak has been known for some time (http://uninformed.org/index.cgi?v=2&a=1&p=9).
Quote from: SkywingThe Blizzard programmer responsible for implementing this apparently switched the two parameters in every call to ROL. That is, if there was a ``#define ROL(a, b) (...)'' macro, the programmer swapped the two arguments. This drastically reduces the security of Battle.net password hashes, as most of the data being hashed ends up being zero bits. Because of the problem of incompatibility with previously created accounts, this system is still in use today.
Quote from: rabbit on October 25, 2011, 11:12 PM
That's not reversing...you aren't recovering the original data.
Really? How is it not recovering the original data? It doesnt require a rainbow table and it doesnt require any type of brute force. Feed it any hash u want and it'll probably spit out the "original data" as you call it faster than my hand could slap your forehead if I were standing right next to you. That's pretty damn close to "reversing" it if you ask me. The method of how it's reversed is completely irrelevant. The whole point of the matter is that it WORKS, which is completely the opposite of what you've tried to say to the OP, in that it's "not possible". And here we have someone proving you wrong and you're just trying to look the other way to make it look like what he's done is some sort of irrelevant lie. Get a grip, you were proven wrong. Own up to it for once in your life.
Quote from: inquisitive_mind on November 07, 2011, 03:40 PM
Quote from: rabbit on October 25, 2011, 11:12 PM
That's not reversing...you aren't recovering the original data.
Really? How is it not recovering the original data? It doesnt require a rainbow table and it doesnt require any type of brute force. Feed it any hash u want and it'll probably spit out the "original data" as you call it faster than my hand could slap your forehead if I were standing right next to you. That's pretty damn close to "reversing" it if you ask me. The method of how it's reversed is completely irrelevant. The whole point of the matter is that it WORKS, which is completely the opposite of what you've tried to say to the OP, in that it's "not possible". And here we have someone proving you wrong and you're just trying to look the other way to make it look like what he's done is some sort of irrelevant lie. Get a grip, you were proven wrong. Own up to it for once in your life.
who the fuck are you?