Jump to content

HELP... ! to convert SHA1 Hashes

humaiz

By humaiz
in Mathematics

 Share

Recommended Posts

humaiz

humaiz

Posted
Posted

D2C04A5AA4CEE8AD5E100E4618BE401862CAE743

 

i need to convert this hash

 

plz help me to convert this hash and let me know the method of translation

 

 

thank you all..........

 

plz talk to meeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee....

Link to comment
Share on other sites
imatfaal

imatfaal

Posted
Posted

SHA1 is very secure - there are theoretical exploits that may lower the brute force search by production of disturbance vectors to be used in collision attacks- simplistically it lowers use of hash function calls to around 2^51 up to 2^57 down from pure brute force of 2^80. To actually crack a SHA1 - unless it is poorly implemented is very time consuming unless you have access to serious computing power. As with most cryptanalysis wikipedia and the net are a great source of info - even if some of it is a little too excitable.

For rough ideas of times involved SHA0 which was superceded by SHA1 has the following info in wikipedia: (nb SHA0 now has lowerfaster algorithms in the order of 2^39 calls)

Subsequently, on 12 August 2004, a collision for the full SHA-0 algorithm was announced by Joux, Carribault, Lemuet, and Jalby. This was done by using a generalization of the Chabaud and Joux attack. Finding the collision had complexity 251 and took about 80,000 CPU hours on a supercomputer with 256 Itanium 2 processors.

So even if the best algorithms results are correct for SHA1 you are looking at a similar amount of computing time

Link to comment
Share on other sites
humaiz

humaiz

Posted
  • Author
Posted

SHA1 is very secure - there are theoretical exploits that may lower the brute force search by production of disturbance vectors to be used in collision attacks- simplistically it lowers use of hash function calls to around 2^51 up to 2^57 down from pure brute force of 2^80. To actually crack a SHA1 - unless it is poorly implemented is very time consuming unless you have access to serious computing power. As with most cryptanalysis wikipedia and the net are a great source of info - even if some of it is a little too excitable.

 

For rough ideas of times involved SHA0 which was superceded by SHA1 has the following info in wikipedia: (nb SHA0 now has lowerfaster algorithms in the order of 2^39 calls)

So even if the best algorithms results are correct for SHA1 you are looking at a similar amount of computing time

 

 

 

 

First of all i really thank imatfaal to reply me...

 

 

brother

i have found some people are doing brute forcing for SHA1 using Graphical Processor.

 

i got some software's working in GPU,

 

so i purchased a high performed computer from singapore

last month,

 

sapphire radeon HD6990 VGA 4GB two cards

16GB RAM

Core i7 980 Processor

MSI board

 

 

plz help me to write a code

Link to comment
Share on other sites
imatfaal

imatfaal

Posted
Posted

Sorry - not my scene. You can search for projects with distributables that run on GPUs and use absolutely enormous look up tables - you might get lucky (any non standard ascii character will mean complete failure) and longer messages will not be crackable. Fair warning - you need to generate the look up tables and they weigh in at around half a terra-byte each.

 

Also bear in mind that what you are doing may be illegal where-ever you are, and the use of the data that you obtain will again possibly be illegal

Link to comment
Share on other sites
Dave

Dave

Posted
Posted

These codes are not trivial and require a lot of mathematical analysis. A starting point may be to consider the papers that have been published in and around the area. However, it is incredibly unlikely that anyone here (including myself) will be able to assist; even if they could, I have no doubt that they would question your motives for doing this.

 

I disagree with your post slightly imatfaal, in that even though IANAL, I would believe that it is almost certainly not illegal to find a collision for your checksum (at least in the UK). Obviously, if you then use this for any sinister purposes you will potentially find yourself in a lot of trouble.

Link to comment
Share on other sites
imatfaal

imatfaal

Posted
Posted

I disagree with your post slightly imatfaal, in that even though IANAL, I would believe that it is almost certainly not illegal to find a collision for your checksum (at least in the UK). Obviously, if you then use this for any sinister purposes you will potentially find yourself in a lot of trouble.

I think you are almost certainly correct for your own checksum, but if you had a list of 1000 passwords that were hidden with an SHA1 hash and were trying to brute force (or rainbow field etc) then I think another conclusion could be drawn - even in England you can now be prosecuted under conspiracy/je or for "going equipped"

 

 

The Theft Act 1968 has the following in section 25

Going equipped for stealing, etc.

 

1)A person shall be guilty of an offence if, when not at hisplace of abode, he has with him any article for use in the course of or inconnection with any [burglary or theft] .

 

2)A person guilty ofan offence under this section shall on conviction on indictment be liable toimprisonment for a term not exceeding three years.

 

(3)Where a person is charged with an offence under thissection, proof that he had with him any article made or adapted for use incommitting a [burglary or theft] shall be evidence that he had it with him forsuch use.

It would be a stretch - but not illogical or unbelievable. I am a lawyer, but not a practitioner so I would not know if this law has ever been extended (or attempted to be extended) in this manner as it wasn't mentioned when I learnt it; the law did have 'cheat' remove from the offences cos this is now covered in the Fraud Act 2006 (IIRC) which might also cover the breaking of passwords to gain unwarranted access. Going equipped is a very strange idea and can smack of arbitrary justice - I often carry enough tools to break into a car - but I would be bloody livid if I got pulled for it. My proviso was because I would not be at all surprised if other jurisdictions had similar but more technologically up to date legislation.

Link to comment
Share on other sites
John Cuthber

John Cuthber

Posted
Posted

I'm not a lawyer but I'm pretty sure that none of the tools I ever carry was " made for use in committing a burglary" (or so adapted) so, if I were pulled for it, I'd sue.

 

I also don't know a lot about hash codes except that the whole point of them is that the thing the OP wants to do has been made as difficult as possible.

 

If anyone here knew how to do it they would be in a position to make a lot of money ( or really piss off several major governments by posting it on wiki, depending on their outlook on life).

Link to comment
Share on other sites
imatfaal

imatfaal

Posted
Posted (edited)

Good luck suing the police for pulling you over if they have a reasonable suspicion - at the moment you have the devils own job making anything stick when they push you to the ground and cause a fatal heart attack in front of the cameras. The tools can be ordinary tools btw - but then there is a burden of proof to show that you had them in order to commit a crime, if the tools have been adapted (a telescopic arm with a hook to get car keys off the table beside the front door through the letter box - ie a car aerial with a bit of coat hanger) or created (ie those clever keys that open multiple sorts of car doors) then no further evidence is required other than possession.

 

 

Oh and on the hash codes - to get a forty character message from a SHA1 hash is very difficult and processor hungry as I mentioned above. But a major use of hash codes is the encryption of password lists. this forum, for instance, might keep all our pass words in a single file in hash form. These lists are often not kept as secure as they should be (people thought they were uncrackable). But most passwords are only 5-8 characters long - so nefarious sorts used a hash generator to make tables of the hash result of every combination of 5,6,7, or 8 standard keyboard characters. these tables are enormous but if you use a very fast graphics chip with optimised programming you can use the encrypted password as a search term and find it in a short amount of time - and if it is 8 or less standard characters then it will be in your table and you have the unencrypted password. And I am sorry to say - it's already on wiki.

Edited by imatfaal
Link to comment
Share on other sites
humaiz

humaiz

Posted
  • Author
Posted

Thanks guy's..................

 

reply's to my request........

 

 

 

dont make it as legal issue ..... i just finding a way how it can be ...........

i hve already done.... my requirement, i got from a web site

 

 

thank you all..........................

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.