Thread replies: 47
Thread images: 2
Thread images: 2
>>
general knowledge of Bcrypt thread as well as possible ways to go about decrypting for technology paper purposes
>>
>>59009104
It's not encryption. You can't find the original password. You're a retard.
>>
>>59009143
False, bcrypt can be decrypted, move along noob.
>>
>>59009143
they can not be converted simply to plain text but the original hash may be found which can
>>
>>59009104
You don't "decrypt" a hash.
>>
>>59009151
bcrypt is used for hashing, not encryption.
>>
>>59009214
>>59009212
so therefore what youre saying is an original password can come from cracking the hashes and your problems are with the words used to describe the process
>>
This is a learning thread so post reasoning instead of annoying shitpost
>>
>>59009104
I believe I have heard it can be done except I do not know how to either
>>
>>59009226
>so therefore what youre saying is an original password can come from cracking the hashes and your problems are with the words used to describe the process
They aren't saying that at all. You aren't decrypting anything, you are just generating another hash and then comparing the two, if they don't match you move on to the next one.
>>
OP Is a faggot and has no idea what he's talking about, once again.
/g/ has gone to shit since 4chan went mainstream.
>>
>>59009362
then how would that hash be converted to plain text
>>
>>59009380
>then how would that hash be converted to plain text
....what? You don't convert them, you just keep track of what the original password was before you hashed it. If you do that enough times, eventually you will fine a hash that you generated that matches the one you were trying to "decrypt" to begin with. Eventually in this case means never pretty much, but the point still stands.
>>
>>59009431
You have no idea what you're talking about.
>>
>>59009456
finally someone who knows what theyre talking about, i know its possible i.e. ashley madison
>>
>>59009456
>>59009470
I really don't know why you are struggling with this concept, it's pretty easy to grasp.
>>
>>59009502
not same poster
>>
This thread is just depressing
>>
>>59009184
K. Good luck matching the algorithm, the number of iterations, the salt and the finally the password.
>>
>>59009546
the algorithm is blowfish, 9 steps, salt is known just by looking at the hash, i'm not sure what you mean
>>
>>59009590
8 steps*
>>
>>59009590
also in terms of dropbox the key is the user id number.. so
>>
>>59009470
Not the same anon, but it's amazing you think that anyone who explains something to you doesn't know what they're talking about. Hopefully this will get through that thick skull of yours.
You cannot 'decrypt', 'reverse', or undo in any way a hashing algorithm. What this means in day to day life is that you can only find what are called collisions. This is when an input, such as a string of text, produces the output hash you are looking for. Using the deprecated md5 hashing algorithm, I create the hash for the string, 'password'.echo "password" | md5sum
The hash is 286755fad04869ca523320acce0dc6a.
Without knowing the input string, you could simply go through the list of most commonly used passwords and find a string that matches. You will never reverse the algorithm, but you can find a match, which is what everyone is trying to convey to you.
Of course, salting the hashes would prevent you from going through a wordlist, but that's something else.
>>
>>59009679
>Of course, salting the hashes would prevent you from going through a wordlist, but that's something else.
That's incorrect, since the salt is, almost always, provided with the hash.
The purpose of salts is mainly preventing time-space trade-offs such as rainbow tables.
>>
>>59009679
There is nothing to get through my thick skull, someone talking shit is not someone explaining the process, as you just did so thank you, I understand the basic tenants behind the process so half of what I was looking for were the logistics on how to process on how people have in fact found a match to hashes such as the one provided above so thank you
>>
>>59009726
>I understand the basic tenants behind the process
You don't know shit, especially not Dunning-Kruger apparently.
You need to learn to use Google and recognize when you have no clue what you're talking about.
>>
>>59009756
coming from someone who mistakes using proper grammar on 4chan to having superior intelligence, you must not know dunning kruger either
>>
>>59009706
Thanks for the correction!
>>59009726
Sorry for being so abrasive anon, I know you're just trying to learn.
>>
>>59009756
>>59009786
exactly thank you, I am simply just trying to learn.
>>
>>59009775
The difference being that I'm aware my English is imperfect, being that I'm a foreigner.
And I'll add that intelligence has nothing to do with knowledge, but arrogance often points to a lack of intelligence.
>>
>>59009803
except my acknowledgement of not using proper grammar should suffice as awareness of such, basic logic, I also find it odd that someone who says "you dont know shit" can expect anyone else to be anything but "Arrogant" after that statement.
>>
>>59009825
I don't believe it's arrogance to call out arrogance, and that's what I'm seeing in this thread.
I don't claim to be better than anyone, but you don't start a "learning thread" by rejecting valid explanations while clearly demonstrating total confusion about the subject.
>>
>>59009853
Assuming the same person is rejecting valid explanations and also assuming that person is me
>>
>>59009853
having said that even though I may have come off arrogant, I appreciate what I have learned in this thread
>>
>>59009866
That's fine, sorry I replied to the wrong Anon then, but my point still stands for whoever else it was.
>>59009881
If you learned, that's at least a positive thing. Now what would be good is if you made your on research before creating threads like this.
>>
>>59009897
I have tried to research but I just started learning yesterday and just wanted to throw myself into an environment, very well a hostile environment, to learn more at once
>>
>>59009456
What the actual fuck?! How come this faggot hasn't been banned?
GET THE FUCK OUT OF MY /g/.
>>
>>59011664
What the actual fuck? You show up 3 hours later to shitpost in a dead thread and you don't even sage?
>GET THE FUCK OUT OF MY /g/.
>>
>>59011684
Install Gentoo
>>
>>59011731
T H I S S
H
I
C
C
>>
/g/ is pure shit, this thread is a testament to that fact
>>
>>59011922
You're pure shit.
>>
>>59012075
your*
>>
File: 1402648175669.gif (1MB, 200x150px) Image search:
[Google]
1MB, 200x150px
>>59012139
I bet you know how many toes a fish has.
>>
>>59009099
What's the point of the salt when it's right next to the hashed password?
>>
>>59012782
the salt is never the same for the same input, then when you verify the checksum you need to know the salt, algorithm used, and passes done. Hence its all stored in the same string so it's easy. Its just like adding random characters to any given password essentially. There may also be a 'pepper' applied which is a constant salt applied to every hash function. Peppers are not recommend.
for example
(Z = hash(n)) != (Y = hash(n))
but
verify(Z,n) and verify(Y,n) both return true.
Thread posts: 47
Thread images: 2
Thread images: 2