feat: Add peppered hash
This commit is contained in:
parent
fe67cad2ef
commit
c63e69fc93
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
1. [Hashing](hash.java)
|
1. [Hashing](hash.java)
|
||||||
2. [Salted Hashing](saltedHash.java)
|
2. [Salted Hashing](saltedHash.java)
|
||||||
|
3. [Peppered Hashing](pepperedHash.java)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
118
guesser.java
Normal file
118
guesser.java
Normal file
@ -0,0 +1,118 @@
|
|||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
import java.util.Random;
|
||||||
|
public class guesser {
|
||||||
|
public static void main(String[] args) throws NoSuchAlgorithmException {
|
||||||
|
System.out.println("Guessing hash of a random 6 digit password");
|
||||||
|
Random random = new Random();
|
||||||
|
int seed= random.nextInt(1000000);
|
||||||
|
String randomPassword = getRandomPassword(seed);
|
||||||
|
System.out.println("Random 6-character string: " + randomPassword);
|
||||||
|
|
||||||
|
System.out.println("Hashed password");
|
||||||
|
String hashed = hash.hashstring(randomPassword);
|
||||||
|
System.out.println(hashed);
|
||||||
|
|
||||||
|
System.out.println("Guessing...");
|
||||||
|
long startTime = System.nanoTime();
|
||||||
|
|
||||||
|
|
||||||
|
boolean match = false;
|
||||||
|
int check=0;
|
||||||
|
while (!match) {
|
||||||
|
String guess = getRandomPassword(check);
|
||||||
|
check++;
|
||||||
|
String hashedGuess = hash.hashstring(guess);
|
||||||
|
if (hashedGuess.equals(hashed)) {
|
||||||
|
match = true;
|
||||||
|
System.out.println("Match!");
|
||||||
|
System.out.println("Password is: " + guess);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
long endTime = System.nanoTime();
|
||||||
|
long duration = (endTime - startTime);
|
||||||
|
// Calculate the time taken in seconds
|
||||||
|
double seconds = (double)duration / 1_000_000_000.0;
|
||||||
|
System.out.println("Time taken: " + seconds + " seconds");
|
||||||
|
|
||||||
|
System.out.println("Guessing hash of a random 6 digit password with salt");
|
||||||
|
System.out.println("Hashed password");
|
||||||
|
String salt = bytetohex.toHexString(saltedHash.getSalt());
|
||||||
|
// Remove starting 0s
|
||||||
|
while (salt.charAt(0) == '0') {
|
||||||
|
salt = salt.substring(1);
|
||||||
|
}
|
||||||
|
String salted = randomPassword + salt;
|
||||||
|
String hashedSalted = hash.hashstring(salted);
|
||||||
|
|
||||||
|
System.out.println("Guessing...");
|
||||||
|
startTime = System.nanoTime();
|
||||||
|
|
||||||
|
match = false;
|
||||||
|
check=0;
|
||||||
|
while (!match) {
|
||||||
|
String guess = getRandomPassword(check);
|
||||||
|
check++;
|
||||||
|
String saltedGuess = guess + salt;
|
||||||
|
String hashedGuess = hash.hashstring(saltedGuess);
|
||||||
|
if (hashedGuess.equals(hashedSalted)) {
|
||||||
|
match = true;
|
||||||
|
System.out.println("Match!");
|
||||||
|
System.out.println("Password is: " + guess);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
endTime = System.nanoTime();
|
||||||
|
duration = (endTime - startTime);
|
||||||
|
seconds = (double)duration / 1_000_000_000.0;
|
||||||
|
System.out.println("Time taken: " + seconds + " seconds");
|
||||||
|
|
||||||
|
|
||||||
|
System.out.println("Guessing hash of a random 6 digit password with pepper");
|
||||||
|
|
||||||
|
System.out.println("Hashed password");
|
||||||
|
String pepper = pepperedHash.getPepper();
|
||||||
|
String peppered = randomPassword + pepper;
|
||||||
|
String hashedPeppered = hash.hashstring(peppered);
|
||||||
|
|
||||||
|
System.out.println("Guessing...");
|
||||||
|
startTime = System.nanoTime();
|
||||||
|
match = false;
|
||||||
|
check=0;
|
||||||
|
|
||||||
|
while (!match) {
|
||||||
|
String guess = getRandomPassword(check);
|
||||||
|
check++;
|
||||||
|
if (pepperedHash.checkPeppered(guess,hashedPeppered)) {
|
||||||
|
match = true;
|
||||||
|
System.out.println("Match!");
|
||||||
|
System.out.println("Password is: " + guess);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
endTime = System.nanoTime();
|
||||||
|
duration = (endTime - startTime);
|
||||||
|
seconds = (double)duration / 1_000_000_000.0;
|
||||||
|
System.out.println("Time taken: " + seconds + " seconds");
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private static String getRandomPassword(int value) {
|
||||||
|
// Define the characters that can be used in the random string
|
||||||
|
String characters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
||||||
|
|
||||||
|
// Initialize a StringBuilder to build the random string
|
||||||
|
StringBuilder randomString = new StringBuilder(6);
|
||||||
|
|
||||||
|
// Generate a string using the value
|
||||||
|
for (int i = 0; i < 6; i++) {
|
||||||
|
randomString.append(characters.charAt(value % characters.length()));
|
||||||
|
value /= characters.length();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
return randomString.toString();
|
||||||
|
}
|
||||||
|
}
|
63
pepperedHash.java
Normal file
63
pepperedHash.java
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
import java.io.BufferedReader;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.InputStreamReader;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.util.Random;
|
||||||
|
|
||||||
|
public class pepperedHash {
|
||||||
|
public final static String alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
||||||
|
|
||||||
|
public static void main(String[] args) throws IOException {
|
||||||
|
BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
|
||||||
|
System.out.println("Enter a string to hash and salt: ");
|
||||||
|
String input = reader.readLine();
|
||||||
|
|
||||||
|
try {
|
||||||
|
String pepper = getPepper();
|
||||||
|
System.out.println("Pepper is: " + pepper);
|
||||||
|
// Remove starting 0s
|
||||||
|
|
||||||
|
String peppered = input + getPepper();
|
||||||
|
System.out.println("Hashed as:");
|
||||||
|
String hashed = hash.hashstring(peppered);
|
||||||
|
System.out.println(hashed);
|
||||||
|
|
||||||
|
System.out.println("Enter a string to check: ");
|
||||||
|
String check = reader.readLine();
|
||||||
|
|
||||||
|
if (checkPeppered(check,hashed)){
|
||||||
|
System.out.println("Match!");
|
||||||
|
} else {
|
||||||
|
System.out.println("No match!");
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
} catch (NoSuchAlgorithmException e) {
|
||||||
|
System.out.println(e.toString());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static boolean checkPeppered(String check,String hashed) throws NoSuchAlgorithmException {
|
||||||
|
boolean match = false;
|
||||||
|
for (int i = 0; i<52;i++){
|
||||||
|
String pepperedCheck = check + alphabet.charAt(i);
|
||||||
|
String hashedCheck = hash.hashstring(pepperedCheck);
|
||||||
|
if (hashedCheck.equals(hashed)) {
|
||||||
|
match = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return match;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static String getPepper() {
|
||||||
|
// Return random a-zA-Z
|
||||||
|
Random random = new Random();
|
||||||
|
int randomIndex = random.nextInt(52);
|
||||||
|
|
||||||
|
// Get the random character
|
||||||
|
char randomChar = alphabet.charAt(randomIndex);
|
||||||
|
return Character.toString(randomChar);
|
||||||
|
}
|
||||||
|
}
|
@ -20,14 +20,14 @@ public class saltedHash {
|
|||||||
String salted = input + salt;
|
String salted = input + salt;
|
||||||
System.out.println("Hashed as:");
|
System.out.println("Hashed as:");
|
||||||
String hashed = hash.hashstring(salted);
|
String hashed = hash.hashstring(salted);
|
||||||
String stored = hashed + ":"+salt;
|
String stored = hashed + "$"+salt;
|
||||||
System.out.println(stored);
|
System.out.println(stored);
|
||||||
|
|
||||||
System.out.println("Enter a string to check: ");
|
System.out.println("Enter a string to check: ");
|
||||||
String check = reader.readLine();
|
String check = reader.readLine();
|
||||||
|
|
||||||
// Split stored by the colon
|
// Split stored by the colon
|
||||||
String[] parts = stored.split(":");
|
String[] parts = stored.split("\\$");
|
||||||
// Salt the checked
|
// Salt the checked
|
||||||
String saltedCheck = check + parts[1];
|
String saltedCheck = check + parts[1];
|
||||||
// Hash the salted checked
|
// Hash the salted checked
|
||||||
@ -46,7 +46,7 @@ public class saltedHash {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static byte[] getSalt() throws NoSuchAlgorithmException {
|
public static byte[] getSalt() throws NoSuchAlgorithmException {
|
||||||
SecureRandom random = new SecureRandom();
|
SecureRandom random = new SecureRandom();
|
||||||
byte[] salt = new byte[16];
|
byte[] salt = new byte[16];
|
||||||
random.nextBytes(salt);
|
random.nextBytes(salt);
|
||||||
|
Loading…
Reference in New Issue
Block a user