[PHP] Neat Little Hashing Function

triston220 · 04-12-2011, 07:00 PM

Originally Posted by Dentafrice

It would delay. Rotational patterns have always been found and identified. Since the earliest of caesarciphers. Might as well give up, not going to win, kid.

After some time, it would be discovered. But that extra time given may just be enough to for a site admin to figure something's up. Patronizing me is rather rude if I'm honest.

Dentafrice · 04-12-2011, 07:47 PM

My goal really isn't to be nice, so I achieved my point.

triston220 · 04-12-2011, 08:06 PM

Originally Posted by Dentafrice

My goal really isn't to be nice, so I achieved my point.

So what exactly is your goal?

Dentafrice · 04-12-2011, 09:40 PM

For you to learn a little bit

You'll realize that my arrogance comes from years of experience. Listen to what I say and you'll learn something.

Just ask Matt (Source) where my arrogance comes from.

triston220 · 04-12-2011, 09:52 PM

Originally Posted by Dentafrice

For you to learn a little bit

You'll realize that my arrogance comes from years of experience. Listen to what I say and you'll learn something.

Just ask Matt (Source) where my arrogance comes from.

But I haven't learn anything really. :S Why shouldn't a rotation function be used to deter attacks?

Dentafrice · 04-12-2011, 09:54 PM

Sure, you can do it.. just like you can add five salts $salt . $salt . $password . $salt . $salt. Sure, it can deter people.. but it's pointless.

triston220 · 04-12-2011, 10:02 PM

Originally Posted by Dentafrice

Sure, you can do it.. just like you can add five salts $salt . $salt . $password . $salt . $salt. Sure, it can deter people.. but it's pointless.

Why is that? Surly the extra millisecond it takes to execute is worth the potential hours it would add to a bruteforce attack?

Dentafrice · 04-12-2011, 10:06 PM

To a brute force attack yes. Not to an attack where you know how it works, know the salt, and are attempting to just reverse it.. nope.. no help there

I'm not arguing anymore. It's a pointlessargumentand a pointless function.

triston220 · 04-12-2011, 10:12 PM

Originally Posted by Dentafrice

To a brute force attack yes. Not to an attack where you know how it works, know the salt, and are attempting to just reverse it.. nope.. no help there

I'm not arguing anymore. It's a pointlessargumentand a pointless function.

I'm not wanting to argue either, I want to learn more. I want to know why I shouldn't bother. As long as you check for shells etc., you shouldn't have that issue. The function is useful in-case of a database, but not webserver, compromise. At the very least, you could remove the rotation function call and it would still save you time.

Thread: [PHP] Neat Little Hashing Function

Thread Tools

Posting Permissions