Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import hashlib
- import binascii
- import timeit
- salt = None
- with open("salt","r") as f:
- salt = f.read()
- def hashPw(pw):
- h = hashlib.sha512()
- h.update(pw)
- h.update(salt)
- nh = h.digest()
- for i in range(1,1024):
- h2 = hashlib.sha512()
- h2.update(nh)
- h2.update(salt)
- h2.update(str(i))
- nh = h2.digest()
- return nh
- def hashTest():
- res = hashPw("derpherp")
- # for a-z there are 36^len posible combinations
- # 28211090456 combinations to bruteforce it
- # but lets assume that the attacker will only
- # have to try 0.1% of them (28211090) it will still
- # take the attacker a long time and rainbow tables won't help him
- # Dictionary attacks: lets say that it takes a 500 000 (very conservative estimate)
- # It took me 1840sec to try all the hashes. If I had used a alphanumerosymbolic password
- # with more than 9 characters it would be unfeasiable to crack it without resorting
- # to FPGAs
- t = timeit.Timer(hashTest)
- print("Time taken to do a single hash: "+str(t.timeit(1)))
- print("dictionary hashes "+str(t.timeit(500000)))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement