Hashes.org Forum
Uploader bug - Printable Version

+- Hashes.org Forum (https://hashes.org/forum)
+-- Forum: Hashes.org (https://hashes.org/forum/forumdisplay.php?fid=4)
+--- Forum: Technical (https://hashes.org/forum/forumdisplay.php?fid=5)
+--- Thread: Uploader bug (/showthread.php?tid=40)

Uploader bug - ekuznetsov - 05-09-2017

Uploader seems to reject all correct founds for SHA1 if the hash starts with 00000. Take a look at the Yahoo list (#563), for example. It's shown as only 91% done, but many of the remaining 9% are easy to crack and the uploader simply won't recognize them as valid solutions. Around a quarter of all remaining hashes start with 00000's. Try these:


Re: Uploader bug - ekuznetsov - 05-13-2017

OK, I see the problem.

Hashes starting with 00000s are not, strictly speaking, correct. Applying SHA1 to my first example produces


1) hashcat (3.3) only checks the last 16 bytes of the hash, which is why it recognizes this as a valid solution
2) clearly it _is_ the intended solution, since the odds of match in last 16 bytes are astronomical

Re: Uploader bug - tibit - 05-25-2017

those starting with 00000 are typical the "SHA-1(Linkedin)" algo

you can post them as "SHALINKEDIN" algo

Re: Uploader bug - ekuznetsov - 05-31-2017

That's a bit better but it still does not work correctly. I just ran Yahoo lefts (https://hashes.org/download.php?type=leak&id=563&list=left) against my wordlist, produced 38538 hits, and uploaded them as "SHALINKEDIN".
I got credit for 38370 "old plains", 0 "new plains", and posted numbers for Yahoo lefts are unchanged.

Likewise, for the ISW2012 list (https://hashes.org/download.php?type=leak&id=560&list=left), I've uploaded 2282 pws as "MD5" and 89 pws as "MD5MD5", and it credited them all as "old plains" even though their corresponding hashes are in the left list on the site right now.