[28991] in bugtraq
Re: phpBB Security Bugs
daemon@ATHENA.MIT.EDU (Christian Vogel)
Sun Feb 23 12:40:30 2003
From: Christian Vogel <chris@obelix.hedonism.cx>
Date: Sat, 22 Feb 2003 11:20:07 +0100
To: Konrad Rieck <kr@roqe.org>
Message-ID: <20030222112007.A3526@obelix.frop.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1045822791.7155.11.camel@fluffy>; from kr@roqe.org on Fri, Feb 21, 2003 at 11:19:52AM +0100
Hi Konrad, Lucas and List,
On Fri, Feb 21, 2003 at 11:19:52AM +0100, Konrad Rieck wrote:
> I am just wondering... You are talking about guessing a 33-digit
> hexadecimal number?
No, he was talking about guessing each hex-digit one at a time,
so he will need 16*33=528 guesses to exhaust the whole "hash-space".
See in Lucas' SQL: mid(user_password,n,1)=char(guess), the "algorithm"
goes like this:
for(n=0..32){
for(g='0'..'9','A'..'F')
if( guessed_right(n,g) ){
hash[n]=g;
break;
}
Chris
--
First snow, then silence.
This thousand dollar screen dies
so beautifully.
-- Simon Firth
