我有一个从数据库中获取的哈希值。这是一个基于 php-mysql 的应用程序。给我的任务是打破它并用纯文本告诉它会是什么。对我来说,它似乎是 SHA-512。这是因为以下输出来自我的测试应用程序中的一个函数:
echo 'SHA-512: ' . crypt('rasmuslerdorf', '$6$rounds=5000$usesomesillystringforsalt$')
现在我需要一些帮助来理解如何打破它。我尝试过在线饼干,也搜索了一些彩虹表,但没有用。我需要这里的安全专家提供的指导方针或方法来帮我解决。
Cryptographic hashes are designed to be non-reversible. So you can't do it, other than by brute force (i.e., trying every possible string to see if it hashes to the same value). For SHA-512 (which is SHA-2 in 512 bits), that is computationally infeasible.
Read https://en.wikipedia.org/wiki/Cryptographic_hash_function or similar, and you'll get more background on how this is supposed to work.