feat: Add peppered hash
This commit is contained in:
parent
fe67cad2ef
commit
c63e69fc93
@ -2,6 +2,7 @@
|
||||
|
||||
1. [Hashing](hash.java)
|
||||
2. [Salted Hashing](saltedHash.java)
|
||||
3. [Peppered Hashing](pepperedHash.java)
|
||||
|
||||
|
||||
|
||||
|
118
guesser.java
Normal file
118
guesser.java
Normal file
@ -0,0 +1,118 @@
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Random;
|
||||
public class guesser {
|
||||
public static void main(String[] args) throws NoSuchAlgorithmException {
|
||||
System.out.println("Guessing hash of a random 6 digit password");
|
||||
Random random = new Random();
|
||||
int seed= random.nextInt(1000000);
|
||||
String randomPassword = getRandomPassword(seed);
|
||||
System.out.println("Random 6-character string: " + randomPassword);
|
||||
|
||||
System.out.println("Hashed password");
|
||||
String hashed = hash.hashstring(randomPassword);
|
||||
System.out.println(hashed);
|
||||
|
||||
System.out.println("Guessing...");
|
||||
long startTime = System.nanoTime();
|
||||
|
||||
|
||||
boolean match = false;
|
||||
int check=0;
|
||||
while (!match) {
|
||||
String guess = getRandomPassword(check);
|
||||
check++;
|
||||
String hashedGuess = hash.hashstring(guess);
|
||||
if (hashedGuess.equals(hashed)) {
|
||||
match = true;
|
||||
System.out.println("Match!");
|
||||
System.out.println("Password is: " + guess);
|
||||
}
|
||||
}
|
||||
|
||||
long endTime = System.nanoTime();
|
||||
long duration = (endTime - startTime);
|
||||
// Calculate the time taken in seconds
|
||||
double seconds = (double)duration / 1_000_000_000.0;
|
||||
System.out.println("Time taken: " + seconds + " seconds");
|
||||
|
||||
System.out.println("Guessing hash of a random 6 digit password with salt");
|
||||
System.out.println("Hashed password");
|
||||
String salt = bytetohex.toHexString(saltedHash.getSalt());
|
||||
// Remove starting 0s
|
||||
while (salt.charAt(0) == '0') {
|
||||
salt = salt.substring(1);
|
||||
}
|
||||
String salted = randomPassword + salt;
|
||||
String hashedSalted = hash.hashstring(salted);
|
||||
|
||||
System.out.println("Guessing...");
|
||||
startTime = System.nanoTime();
|
||||
|
||||
match = false;
|
||||
check=0;
|
||||
while (!match) {
|
||||
String guess = getRandomPassword(check);
|
||||
check++;
|
||||
String saltedGuess = guess + salt;
|
||||
String hashedGuess = hash.hashstring(saltedGuess);
|
||||
if (hashedGuess.equals(hashedSalted)) {
|
||||
match = true;
|
||||
System.out.println("Match!");
|
||||
System.out.println("Password is: " + guess);
|
||||
}
|
||||
}
|
||||
|
||||
endTime = System.nanoTime();
|
||||
duration = (endTime - startTime);
|
||||
seconds = (double)duration / 1_000_000_000.0;
|
||||
System.out.println("Time taken: " + seconds + " seconds");
|
||||
|
||||
|
||||
System.out.println("Guessing hash of a random 6 digit password with pepper");
|
||||
|
||||
System.out.println("Hashed password");
|
||||
String pepper = pepperedHash.getPepper();
|
||||
String peppered = randomPassword + pepper;
|
||||
String hashedPeppered = hash.hashstring(peppered);
|
||||
|
||||
System.out.println("Guessing...");
|
||||
startTime = System.nanoTime();
|
||||
match = false;
|
||||
check=0;
|
||||
|
||||
while (!match) {
|
||||
String guess = getRandomPassword(check);
|
||||
check++;
|
||||
if (pepperedHash.checkPeppered(guess,hashedPeppered)) {
|
||||
match = true;
|
||||
System.out.println("Match!");
|
||||
System.out.println("Password is: " + guess);
|
||||
}
|
||||
}
|
||||
endTime = System.nanoTime();
|
||||
duration = (endTime - startTime);
|
||||
seconds = (double)duration / 1_000_000_000.0;
|
||||
System.out.println("Time taken: " + seconds + " seconds");
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
private static String getRandomPassword(int value) {
|
||||
// Define the characters that can be used in the random string
|
||||
String characters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
||||
|
||||
// Initialize a StringBuilder to build the random string
|
||||
StringBuilder randomString = new StringBuilder(6);
|
||||
|
||||
// Generate a string using the value
|
||||
for (int i = 0; i < 6; i++) {
|
||||
randomString.append(characters.charAt(value % characters.length()));
|
||||
value /= characters.length();
|
||||
}
|
||||
|
||||
|
||||
return randomString.toString();
|
||||
}
|
||||
}
|
63
pepperedHash.java
Normal file
63
pepperedHash.java
Normal file
@ -0,0 +1,63 @@
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStreamReader;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Random;
|
||||
|
||||
public class pepperedHash {
|
||||
public final static String alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
|
||||
|
||||
public static void main(String[] args) throws IOException {
|
||||
BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
|
||||
System.out.println("Enter a string to hash and salt: ");
|
||||
String input = reader.readLine();
|
||||
|
||||
try {
|
||||
String pepper = getPepper();
|
||||
System.out.println("Pepper is: " + pepper);
|
||||
// Remove starting 0s
|
||||
|
||||
String peppered = input + getPepper();
|
||||
System.out.println("Hashed as:");
|
||||
String hashed = hash.hashstring(peppered);
|
||||
System.out.println(hashed);
|
||||
|
||||
System.out.println("Enter a string to check: ");
|
||||
String check = reader.readLine();
|
||||
|
||||
if (checkPeppered(check,hashed)){
|
||||
System.out.println("Match!");
|
||||
} else {
|
||||
System.out.println("No match!");
|
||||
}
|
||||
|
||||
|
||||
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
System.out.println(e.toString());
|
||||
}
|
||||
}
|
||||
|
||||
public static boolean checkPeppered(String check,String hashed) throws NoSuchAlgorithmException {
|
||||
boolean match = false;
|
||||
for (int i = 0; i<52;i++){
|
||||
String pepperedCheck = check + alphabet.charAt(i);
|
||||
String hashedCheck = hash.hashstring(pepperedCheck);
|
||||
if (hashedCheck.equals(hashed)) {
|
||||
match = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
return match;
|
||||
}
|
||||
|
||||
public static String getPepper() {
|
||||
// Return random a-zA-Z
|
||||
Random random = new Random();
|
||||
int randomIndex = random.nextInt(52);
|
||||
|
||||
// Get the random character
|
||||
char randomChar = alphabet.charAt(randomIndex);
|
||||
return Character.toString(randomChar);
|
||||
}
|
||||
}
|
@ -20,14 +20,14 @@ public class saltedHash {
|
||||
String salted = input + salt;
|
||||
System.out.println("Hashed as:");
|
||||
String hashed = hash.hashstring(salted);
|
||||
String stored = hashed + ":"+salt;
|
||||
String stored = hashed + "$"+salt;
|
||||
System.out.println(stored);
|
||||
|
||||
System.out.println("Enter a string to check: ");
|
||||
String check = reader.readLine();
|
||||
|
||||
// Split stored by the colon
|
||||
String[] parts = stored.split(":");
|
||||
String[] parts = stored.split("\\$");
|
||||
// Salt the checked
|
||||
String saltedCheck = check + parts[1];
|
||||
// Hash the salted checked
|
||||
@ -46,7 +46,7 @@ public class saltedHash {
|
||||
|
||||
}
|
||||
|
||||
private static byte[] getSalt() throws NoSuchAlgorithmException {
|
||||
public static byte[] getSalt() throws NoSuchAlgorithmException {
|
||||
SecureRandom random = new SecureRandom();
|
||||
byte[] salt = new byte[16];
|
||||
random.nextBytes(salt);
|
||||
|
Loading…
Reference in New Issue
Block a user