viernes, 23 de agosto de 2019

Criptografía (CLXV): Solución Reto id0-rsa "Fast Hashing Passwords"

En este post la solución de otro de los retos de la plataforma id0-rsa, dedicada exclusivamente a desafíos de criptografía, y que figura en ella bajo el 'Tag' 'Hashing'.

En este caso lo voy a resolver sólo mediante un script de python.

El reto en cuestión tiene por título "Fast Hashing Passwords" y, en mi opinión, presenta un nivel de dificultad bajo (☆☆☆).

Su enunciado dice lo siguiente: 'Cryptographic hash functions shouldn't be used to hash passwords directly. It's important to hash passwords before storing them, but using a cryptographic hash function directly isn't sufficient even if salt is included. Salt is intended to make it so that an attacker can't use a table of precomputed hashes of common passwords, but if your hash scheme itself is very fast to compute (as raw cryptographic hash functions are), an attacker won't need a precomputed table, as doing the computation live will be reasonable', se pide lo siguiente'To demonstrate how fast cryptographic hash functions are on passwords, hash every password in the rockyou list of common passwords (14,344,391 passwords total), with sha256. Submit the password with the lowest hash value concatenated to the end of the password with the highest hash value'.

Solución:

Script de python:

from hashlib import sha256
from tqdm import tqdm

f = open('rockyou.txt', 'rb')

rockyou = f.read().split(b"\n")

sha256_menor = ('',115792089237316195423570985008687907853269984665640564039457584007913129639935,'')
sha256_mayor = ('',0,'')

for password in tqdm(rockyou):
    sha256_password = int(sha256(password).hexdigest(), 16)
    if sha256_password < sha256_menor[1]:
        sha256_menor = (sha256(password).hexdigest(),sha256_password,password)
    if sha256_password > sha256_mayor[1]:
        sha256_mayor = (sha256(password).hexdigest(),sha256_password,password)

print'[+] Hash sha256 menor ...',sha256_menor
print'[+] Hash sha256 mayor ...',sha256_mayor
solution = sha256_mayor[2] + sha256_menor[2]
print'[+] Solution ............',solution

f.close()

Ejecuto este script:
Por tanto, la solución a este reto es: bert7quinn,3yame1bore.

No hay comentarios:

Publicar un comentario