Author |
Topic: Searching for hash method used (Read 7282 times) |
|
Pete Finnigan
PeteFinnigan.com Administrator
Oracle Security is easier if you design for it
View Profile | WWW | Email
Gender: 
Posts: 309
|
 |
Re: Searching for hash method used
« Reply #1 on: Jul 2nd, 2014, 10:55am » |
Quote | Modify
|
Hi Ivan,
Sorry for the late reply; things are very busy for me and I was just told by someone some unanswered posts are on my forum.
There is little to go on except that it could be base64 but it decodes to binary.
I would look at things like length to see if its a standard length for a known algorithm, or change your password 4 or 5 times and compare the hashes but change your password by one character if you can, so set it to "a" and then "b" or if length is enforced then "passworda" "passwordb"... and see if there is a noticable change in the hash or its completely random. If you can see a pattern its almost certainly not a hash and almost certainly no salt. If its random then it could very well be a hash but if its a salted hash then you would not have the salt (maybe its your username!). If so try an online hash site for common algorithms and try hashing your password to see if you can generate the same value.
hth
Pete
|
|
 IP Logged |
Pete Finnigan (email:pete@petefinnigan.com)
Oracle Security Web site: http://www.petefinnigan.com
Forum: http://www.petefinnigan.com/forum/yabb/YaBB.cgi
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
|
|
|
|
) and it stores password in a Oracle table. My own password is somehow hashed (I assume it's an hash) and looks like this: