Quote:
Originally Posted by jbjb
I've just reread this, and don't get the point you're trying to make. If you've got hold of the passwd file, or whatever, with the salted hashes, you already know all the salts - they're sitting right there in plain text. What would knowing the salt generation algorithm gain you? (Genuine question!)
Unix password files are well-documented, but any given site like MobileRead can do things differently, so an attacker would need to identify that in order to generate usable hash tables. Or to identify a more efficient attack if one exists.