为什么我的 SHA1 哈希不匹配? [英] Why is my SHA1 hash not matching?
问题描述
我认为我上次不够具体.我们开始吧:
我有一个十六进制字符串:
<块引用>742713478fb3c36e014d004100440041004e0041004e00000060f347d15798c90100606b899c5a98c9014d007900470072006f007500700000002f0000001f7691944b9a3306295fb5f1f57ca52090d35b50060606060606
最后 20 个字节(理论上)应该包含第一部分的 SHA1 哈希(完整字符串 - 20 个字节).但它不适合我.
尝试使用 PHP 执行此操作,但没有运气.你能得到匹配吗?
门票:
<块引用>742713478fb3c36e014d004100440041004e0041004e00000060f347d15798c90100606b899c5a98c9014d007900470072006f007500700000002f0000001f7691944b9a
附加到原始票证的sha1哈希:
<块引用>3306295fb5f1f57ca52090d35b50060606060606
我的票证 sha1 哈希:
<块引用>b6ecd613698ac3533b5f853bf22f6eb4afb94239
这是票据中的内容及其存储方式.FWIW,我可以提取用户名等,并找出各种分隔符.http://www.codeproject.com/KB/aspnet/Forms_Auth_Internals/AuthTicket2.JPG
已我发现该字符串的末尾由它在此之前经历的解密函数填充.我删除了最后 6 个字节并相应地通过票证和散列进行了调整.仍然不起作用,但我更接近了.
您的工单是根据十六进制字符串本身计算的.也许附加的哈希是根据相同数据的另一种表示计算的?
I don't think I was specific enough last time. Here we go:
I have a hex string:
742713478fb3c36e014d004100440041004 e0041004e00000060f347d15798c9010060 6b899c5a98c9014d007900470072006f007 500700000002f0000001f7691944b9a3306 295fb5f1f57ca52090d35b50060606060606
The last 20 bytes should (theoretically) contain a SHA1 Hash of the first part (complete string - 20 bytes). But it doesn't match for me.
Trying to do this with PHP, but no luck. Can you get a match?
Ticket:
742713478fb3c36e014d004100 440041004e0041004e00000060 f347d15798c90100606b899c5a 98c9014d007900470072006f00 7500700000002f0000001f7691944b9a
sha1 hash of ticket appended to original:
3306295fb5f1f57ca52090d35b50060606060606
My sha1 hash of ticket:
b6ecd613698ac3533b5f853bf22f6eb4afb94239
Here's what is in the ticket and how it's being stored. FWIW, I can pull out username, etc, and spot the various delimiters. http://www.codeproject.com/KB/aspnet/Forms_Auth_Internals/AuthTicket2.JPG
Edited: I have discovered that the string is padded on the end by the decryption function it goes through before this point. I removed the last 6 bytes and adjusted by ticket and hash accordingly. Still doesn't work, but I'm closer.
Your ticket is being calculated on the hex string itself. Maybe the appended hash is calculated on another representation of the same data?
这篇关于为什么我的 SHA1 哈希不匹配?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
