Uploader bug

Technical information, status and bugs are posted here.
ekuznetsov
Posts: 3
Joined: Tue 2. May 2017, 10:40

Uploader bug

Postby ekuznetsov » Tue 9. May 2017, 18:02

Uploader seems to reject all correct founds for SHA1 if the hash starts with 00000. Take a look at the Yahoo list (#563), for example. It's shown as only 91% done, but many of the remaining 9% are easy to crack and the uploader simply won't recognize them as valid solutions. Around a quarter of all remaining hashes start with 00000's. Try these:

00000faf60e4f77c4ef55dd966dcd2649fe6e305:twoplustwo2_
0000095f938b1ba1f9a02efdaf7cd3c661795084:TymarSmith
000006c74e6e65006b2dd31073a07802e9bea7c4:lizacohen9954

ekuznetsov
Posts: 3
Joined: Tue 2. May 2017, 10:40

Re: Uploader bug

Postby ekuznetsov » Sat 13. May 2017, 01:18

OK, I see the problem.

Hashes starting with 00000s are not, strictly speaking, correct. Applying SHA1 to my first example produces

0e066faf60e4f77c4ef55dd966dcd2649fe6e305

However:
1) hashcat (3.3) only checks the last 16 bytes of the hash, which is why it recognizes this as a valid solution
2) clearly it _is_ the intended solution, since the odds of match in last 16 bytes are astronomical

tibit
Posts: 23
Joined: Sun 27. Sep 2015, 09:22

Re: Uploader bug

Postby tibit » Thu 25. May 2017, 14:34

those starting with 00000 are typical the "SHA-1(Linkedin)" algo

you can post them as "SHALINKEDIN" algo

ekuznetsov
Posts: 3
Joined: Tue 2. May 2017, 10:40

Re: Uploader bug

Postby ekuznetsov » Wed 31. May 2017, 09:01

That's a bit better but it still does not work correctly. I just ran Yahoo lefts (https://hashes.org/download.php?type=le ... &list=left) against my wordlist, produced 38538 hits, and uploaded them as "SHALINKEDIN".
I got credit for 38370 "old plains", 0 "new plains", and posted numbers for Yahoo lefts are unchanged.

Likewise, for the ISW2012 list (https://hashes.org/download.php?type=le ... &list=left), I've uploaded 2282 pws as "MD5" and 89 pws as "MD5MD5", and it credited them all as "old plains" even though their corresponding hashes are in the left list on the site right now.


Return to “Technical”

Who is online

Users browsing this forum: No registered users and 2 guests