![]() ![]() ![]() If the same user "changes" his password but reuses the same, does the stored value changes ? If yes, then part of the value is probably a randomized "salt" or IV (assuming symmetric encryption).So reverse engineering is the "way to go".īarring reverse engineering, you can make a few experiments to try to make educated guesses: Application code is incarnated in a tangible, fat way (executable files on a server, source code somewhere.) which is not, and cannot be, as much protected as a secret key can. The "normal" way to know that is to look at the application code. not really an "encrypted" password, rather a "hashed" password) then this is probably the result of a hash function computed over the password the one classical hash function with a 128-bit output is MD5. If this is a value stored for password verification (i.e. Your example string ( WeJcFMQ/8+8QJ/w0hHh+0g=) is Base64 encoding for a sequence of 16 bytes, which do not look like meaningful ASCII or UTF-8.
0 Comments
Leave a Reply. |