PBKDF2 error.
-
I trying to make a PBKDF2 whithout success.i need use reverse pass as salt and OB give me error any help about that,thanks.
https://prnt.sc/pwedum
-
Same Problem as you having on your other topic. - Base64
The salt you provide is not in Base64 encoded.
-
thanks for all,now all understood.
-
i saw PBKDF2 have problem,when u try to convert password have 6 or 7 lenght,OB give error,and site accept password 6 long to 12,in this case all combos have 6 or 7 long OB give error,thats not good.
thanks for all.
-
Strange - for me shorter passes work too
-
please i talking about output in hex,thanks for u reply.
output base64 not problem,is when output is in hex.
try u self whit any acc have password 6 long.
-
maybe I really don't understand.
here the Base64 converted to a HEX output
@Ruri
now I remember where you forgot the output - on UTILITY Conversion
-
my config is correct,this problem happen only whit passwords 6 or 7 long.
config not problem i got a lot hits but cant use acc whit passwords have 6 or 7 long.
whit output in hex.
correct 8 long.
https://prnt.sc/pwm52f
incorrect 6 long.
https://prnt.sc/pwm5ie
-
Sorry I don't speak your language -
But as far as I understand it's complaining about the salt being not 8 byte long. - Not the pass.
-
yes when u use a pass whit 6 long example pass: xxxxxx
the salt OB said not have 8 bytes,
sorry i not talk correct english.
-
Maybe you confuse Salt and Pass?
As it would be crazy for some Website using a shorter Salt which is not recommended by the Standard. (and so all non-modified crypto libraries don't allow salt with less than 8 bytes. (64bits)Quote from wikipedia:
Having a salt added to the password reduces the ability to use precomputed hashes (rainbow tables) for attacks, and means that multiple passwords have to be tested individually, not all at once. The standard recommends a salt length of at least 64 bits.The US National Institute of Standards and Technology recommends a salt length of 128 bits
(Source: https://en.wikipedia.org/wiki/PBKDF2)
-
no sorry. i send pass whit 6 long i convert to base64 to send in salt,
and OB give error not have 8 bytes.
please try u self to send this pass 123456
convert to base 64,and add to salt and try.
-
I think I don't understand that part
"convert to base 64,and add to salt and try."So you use 123456 as salt and pass?
Because then, yes the library we use for PBKDF2 is following the standard and wants at least 8 Bytes.
To modify this would need a own fork to be maintained.
-
pass: 123456, base64 = MTIzNDU2 is the salt
-
-
please convert to hex.
-
-
bro the salt i send is base 64 u not need convert again.
MTIzNDU2 is 123456 in base64.
-
So you use 123456 as Pass AND Salt?
As said above - only 6 Bytes as Salt is now allowed
-
this is i said,site use PBKDF2 and many acc have 6 and 7 chars long.
i using in php whithout problems but whit OB i need use only passwords whit more than 8 chars long to can get the 8 bytes. and all password whit 6 or 7 chars long OB give error,u convert the pass in base 64 and the not have the 8 bytes needs OB to can make hash correct.