humaiz Posted June 1, 2011 Posted June 1, 2011 D2C04A5AA4CEE8AD5E100E4618BE401862CAE743 i need to convert this hash plz help me to convert this hash and let me know the method of translation thank you all.......... plz talk to meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee....
imatfaal Posted June 1, 2011 Posted June 1, 2011 SHA1 is very secure - there are theoretical exploits that may lower the brute force search by production of disturbance vectors to be used in collision attacks- simplistically it lowers use of hash function calls to around 2^51 up to 2^57 down from pure brute force of 2^80. To actually crack a SHA1 - unless it is poorly implemented is very time consuming unless you have access to serious computing power. As with most cryptanalysis wikipedia and the net are a great source of info - even if some of it is a little too excitable. For rough ideas of times involved SHA0 which was superceded by SHA1 has the following info in wikipedia: (nb SHA0 now has lowerfaster algorithms in the order of 2^39 calls) Subsequently, on 12 August 2004, a collision for the full SHA-0 algorithm was announced by Joux, Carribault, Lemuet, and Jalby. This was done by using a generalization of the Chabaud and Joux attack. Finding the collision had complexity 251 and took about 80,000 CPU hours on a supercomputer with 256 Itanium 2 processors. So even if the best algorithms results are correct for SHA1 you are looking at a similar amount of computing time
humaiz Posted June 1, 2011 Author Posted June 1, 2011 SHA1 is very secure - there are theoretical exploits that may lower the brute force search by production of disturbance vectors to be used in collision attacks- simplistically it lowers use of hash function calls to around 2^51 up to 2^57 down from pure brute force of 2^80. To actually crack a SHA1 - unless it is poorly implemented is very time consuming unless you have access to serious computing power. As with most cryptanalysis wikipedia and the net are a great source of info - even if some of it is a little too excitable. For rough ideas of times involved SHA0 which was superceded by SHA1 has the following info in wikipedia: (nb SHA0 now has lowerfaster algorithms in the order of 2^39 calls) So even if the best algorithms results are correct for SHA1 you are looking at a similar amount of computing time First of all i really thank imatfaal to reply me... brother i have found some people are doing brute forcing for SHA1 using Graphical Processor. i got some software's working in GPU, so i purchased a high performed computer from singapore last month, sapphire radeon HD6990 VGA 4GB two cards 16GB RAM Core i7 980 Processor MSI board plz help me to write a code
imatfaal Posted June 1, 2011 Posted June 1, 2011 Sorry - not my scene. You can search for projects with distributables that run on GPUs and use absolutely enormous look up tables - you might get lucky (any non standard ascii character will mean complete failure) and longer messages will not be crackable. Fair warning - you need to generate the look up tables and they weigh in at around half a terra-byte each. Also bear in mind that what you are doing may be illegal where-ever you are, and the use of the data that you obtain will again possibly be illegal
Dave Posted June 2, 2011 Posted June 2, 2011 These codes are not trivial and require a lot of mathematical analysis. A starting point may be to consider the papers that have been published in and around the area. However, it is incredibly unlikely that anyone here (including myself) will be able to assist; even if they could, I have no doubt that they would question your motives for doing this. I disagree with your post slightly imatfaal, in that even though IANAL, I would believe that it is almost certainly not illegal to find a collision for your checksum (at least in the UK). Obviously, if you then use this for any sinister purposes you will potentially find yourself in a lot of trouble.
imatfaal Posted June 2, 2011 Posted June 2, 2011 I disagree with your post slightly imatfaal, in that even though IANAL, I would believe that it is almost certainly not illegal to find a collision for your checksum (at least in the UK). Obviously, if you then use this for any sinister purposes you will potentially find yourself in a lot of trouble. I think you are almost certainly correct for your own checksum, but if you had a list of 1000 passwords that were hidden with an SHA1 hash and were trying to brute force (or rainbow field etc) then I think another conclusion could be drawn - even in England you can now be prosecuted under conspiracy/je or for "going equipped" The Theft Act 1968 has the following in section 25 Going equipped for stealing, etc. 1)A person shall be guilty of an offence if, when not at hisplace of abode, he has with him any article for use in the course of or inconnection with any [burglary or theft] . 2)A person guilty ofan offence under this section shall on conviction on indictment be liable toimprisonment for a term not exceeding three years. (3)Where a person is charged with an offence under thissection, proof that he had with him any article made or adapted for use incommitting a [burglary or theft] shall be evidence that he had it with him forsuch use. It would be a stretch - but not illogical or unbelievable. I am a lawyer, but not a practitioner so I would not know if this law has ever been extended (or attempted to be extended) in this manner as it wasn't mentioned when I learnt it; the law did have 'cheat' remove from the offences cos this is now covered in the Fraud Act 2006 (IIRC) which might also cover the breaking of passwords to gain unwarranted access. Going equipped is a very strange idea and can smack of arbitrary justice - I often carry enough tools to break into a car - but I would be bloody livid if I got pulled for it. My proviso was because I would not be at all surprised if other jurisdictions had similar but more technologically up to date legislation.
Dave Posted June 9, 2011 Posted June 9, 2011 Hah, fair enough - it's not often you get a lawyer posting to these kinds of things so I will bow to your superior knowledge of this
John Cuthber Posted June 9, 2011 Posted June 9, 2011 I'm not a lawyer but I'm pretty sure that none of the tools I ever carry was " made for use in committing a burglary" (or so adapted) so, if I were pulled for it, I'd sue. I also don't know a lot about hash codes except that the whole point of them is that the thing the OP wants to do has been made as difficult as possible. If anyone here knew how to do it they would be in a position to make a lot of money ( or really piss off several major governments by posting it on wiki, depending on their outlook on life).
imatfaal Posted June 9, 2011 Posted June 9, 2011 (edited) Good luck suing the police for pulling you over if they have a reasonable suspicion - at the moment you have the devils own job making anything stick when they push you to the ground and cause a fatal heart attack in front of the cameras. The tools can be ordinary tools btw - but then there is a burden of proof to show that you had them in order to commit a crime, if the tools have been adapted (a telescopic arm with a hook to get car keys off the table beside the front door through the letter box - ie a car aerial with a bit of coat hanger) or created (ie those clever keys that open multiple sorts of car doors) then no further evidence is required other than possession. Oh and on the hash codes - to get a forty character message from a SHA1 hash is very difficult and processor hungry as I mentioned above. But a major use of hash codes is the encryption of password lists. this forum, for instance, might keep all our pass words in a single file in hash form. These lists are often not kept as secure as they should be (people thought they were uncrackable). But most passwords are only 5-8 characters long - so nefarious sorts used a hash generator to make tables of the hash result of every combination of 5,6,7, or 8 standard keyboard characters. these tables are enormous but if you use a very fast graphics chip with optimised programming you can use the encrypted password as a search term and find it in a short amount of time - and if it is 8 or less standard characters then it will be in your table and you have the unencrypted password. And I am sorry to say - it's already on wiki. Edited June 9, 2011 by imatfaal
Dave Posted June 15, 2011 Posted June 15, 2011 Rainbow tables are useful for reversing hashes, but they're rendered fairly inert by use of a salt which is stored with the hash. Wikipedia has a pretty good entry on them.
Cap'n Refsmmat Posted June 15, 2011 Posted June 15, 2011 Although if you know the salt for the hash you're trying to break, you can compute millions of possible hashes a second with decent hardware. There is some dedicated software for this purpose if you search around for brute-forcing of hashes.
humaiz Posted June 16, 2011 Author Posted June 16, 2011 Thanks guy's.................. reply's to my request........ dont make it as legal issue ..... i just finding a way how it can be ........... i hve already done.... my requirement, i got from a web site thank you all..........................
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now