Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 20 May 2012 15:36:36 +0400
From: Solar Designer <>
Subject: Re: SHA1-Gen / Dynamic_25 Hashes

On Sat, May 19, 2012 at 08:20:06AM -0700, NeonFlash wrote:
> I am not clear what is going wrong here. Trying to crack hashes that have the SMF Forum format:
> sha1(strtolower($user),$pass) and this matches, sha1($salt,$pass)
> The username is the salt in this case. Ofcourse, I have converted the usernames to lowercase. I have tried both SHA1-gen and Dynamic_25 subformat, but it does not work for me. I do not get any error message, the hashing process shows no cracked hashes.

These two both work for me:


There's no need to specify any fancy options - everything is correctly
autodetected with this kind of lines in the input file.  Of course,
you should only use one of these formats, not both at once.  dynamic_25
is expected to be faster.  The "generic SHA-1" format pre-dates JimF's
introduction of SHA-1 support into his "dynamic" format.

As to what was wrong with your attempts:

With $SHA1s$, the salt is suffixed to the password, but in your case
it's a prefix - so we use $SHA1p$ (where the "p" stands for prefix).

With dynamic subformats, the salt is specified after the hash.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.