bitcoin core – How difficult is it to find a hash digest beginning with at least twelve zeros?

How difficult is it to find a hash digest beginning with at least twelve zeros?

what i know is Difficulty is a measure of how difficult it is to find a hash below a given target.

The Bitcoin network has a global block difficulty. Valid blocks must have a hash below this target. Mining pools also have a pool-specific share difficulty setting a lower limit for shares.

and difficulty = difficulty_1_target / current_target

(target is a 256 bit number)

difficulty_1_target can be different for various ways to measure difficulty. Traditionally, it represents a hash where the leading 32 bits are zero and the rest are one (this is known as “pool difficulty” or “pdiff”). The Bitcoin protocol represents targets as a custom floating point type with limited precision; as a result, Bitcoin clients often approximate difficulty based on this (this is known as “bdiff”).

but can someone explain me how difficult is with 12 zeros?

postgresql – Postgres password hash crack

I installed the lastest version of PostgreSQL (13.2) to understand it better and I used the command SELECT usename, passwd from pg_shadow; to extract the hash with the default username postgres but I could not find any documantation of how to crack the password hash using john or hashcat so how can I do that ?
the hash example which is 1234

SCRAM-SHA-256$4096:bPlu66YYvUgvDwY31jQZTA==$ZbSxNzZQqdtLi+fcj15pg7ywEg5mO3xNOVfZJ+/2n0Q=:9ll3Le0+81qTnFwonM4ROCzeTjCRizYdm3ZO5yu/wcE=

hash – cannot generate bitcoin first block

I have download bitcoin source and change genesis in regtest. and i try to generate 1 block by command ./bitcoin-cli -generate 1 it does not show any mining block. i try over 10 times but it is still the same result why?

here the result:
{
  "address": "tc1qltnl9t23yshlexxxxxxxxxxxx",
  "blocks": [
  ]
}

please kindly advise what happen what bitcoin source code ?

hash – Since GPUs have gigabytes of memory, does Argon2id need to use gigabytes of memory as well in order to effectively thwart GPU cracking?

The common advice of benchmarking a password hashing algorithm and choosing the slowest acceptable cost factor doesn’t work for algorithms with more than one parameter: adding a lot of iterations at the expense of memory hardness makes the benchmark time go up, but if the attacker can still grab off-the-shelf hardware (like a regular gaming graphics card) then I might as well have used pbkdf2 instead of Argon2id. There must be some minimum amount of memory that makes Argon2id safer than a well-configured algorithm from the 90s, otherwise we could have saved ourselves the effort of developing it.

I would run benchmarks and just see for myself at what point hashing isn’t faster anymore on a GPU than on a CPU, but Hashcat lacks Argon2 support altogether. (Though any software I choose isn’t necessarily going to be the fastest possible implementation to give me a correct answer anyway.)

Even my old graphics card from 2008 had 1GB of video memory and 2020 cards seem to commonly have 4-8GB. Nevertheless, the default Argon2id setting in PHP is to use 64MiB of memory.

If you set the parallelism of Argon2id to your number of CPU cores (say, 4) and use this default memory limit, is either of the following (roughly) true?

  • A GPU with 8192MB of memory can still use 8192/64 = 128 of its cores, getting a 32× speed boost compared to your CPU. The slowdown on GPUs due to increased memory requirements is a linear scale. The only way to thwart GPU cracking effectively, is to make Argon2id use more RAM than a high-end GPU has when divided by the number of parallelism you configure in Argon2id (i.e. in this example with 4 cores, Argon2id needs to be set to use 8192/4 = 2048MB).

or

  • This amount, 64MiB, already makes a common consumer GPU completely ineffective for cracking because it is simply too big to efficiently use from a simple GPU core (because if the core has to access the card’s main memory then it’s not worth it, or something).

ios – Bypass Hash Check on Filesystem Ramdisk When Restoring iPhone from IPSW

So basically my situation is as follows:

Recently a family member gave me a used iPhone XR they received third hand, and asked me to unlock it for them. The phone is stuck in iCloud Activation Lock purgatory, and they do not know the original owner (again, third hand purchase), so turning to Apple for help is simply not an option.

I decided to try a process I heard about a while back to bypass this, specifically modifying an IPSW file to remove the Setup.app from the main filesystem, so that on first boot the user would be dropped to the home screen rather than forced to go through the activation process.

While I have managed to get fairly far along in this process I am encountering a hard-stop issue. I have successfully extracted the target IPSW (iOS Ver: 14.4.2, Buildtrain: AzulD, Build Number: 18D70, Device Class: n104ap). Two important factors to note are:

1.) That this particular IPSW is a Research/CustomerUpgrade build, so the DFU, Firmware, InstalledKernelCache, RestoreSEP, and SEP packages are marked as Research builds. The rest of the components are production/release versions.

2.) This IPSW package has an unencrypted Filesystem Ramdisk by default, and uses hash/checksum verification during restore, rather than decryption keys, as it’s main method of tamper-protection.

With these in mind, I have managed to mount and modify the Filesystem Ramdisk (038-96459-065.dmg) using a shadow copy via hdiutil. I then merged the shadow copy into the original using hdiutil, and recompressed the IPSW using macOS’s built in Archive Utility.

This process yields an IPSW package that successfully passes iTunes/Finder Nonce verification and begins to install, however though it installs the first two Ramdisks and the firmwares successfully, when it attempts to install the Filesystem Ramdisk (modified 038-96459-065.dmg) it fails a checksum verification and aborts install halfway through, yielding this error:

The iPhone “iPhone” could not be restored. An unknown error occurred (14). 065B.000E

The iPhone then becomes stuck on the Apple screen with the progress bar showing 1/3rd full. Attempting to enter Recovery mode fails and will not allow restoring of the phone. The error code 14 represents an unspecified interruption part way through the install, and placing the phone in DFU mode and restoring from an unmodified IPSW works fine. This is what has me convinced it is failing a checksum verification on the modified Ramdisk.

My question: is there a known (or theoretical) way to bypass the checksum verification on the System image? Perhaps by modification of the BuildManifest.plist? Replacing the contents of Firmware/038.96459-065.dmg.root_hash with an accurate hash for the modified Ramdisk (Assuming the hashing method for these files is known and publicly available)? Spoofing the CRC-32 checksum on the .dmg itself? Replacing the contents of the relevant .mtree file for the .dmg with a newly generated string?

NOTE: All suggestions are welcome, but please do not respond if you have no relevant/specific information to share.

A message to the moderators: I apologize if this question is, technically speaking, not on the correct forum, however I am unaware of another one which would be more relevant to the project at hand. If you feel this question does not belong here, please simply refer me to a place that would better suit this question, and I will migrate it myself. There is no need to lock or migrate this thread on my behalf, I am not that stubborn.

passwords – John the Ripper works on some hash but not on another

I have two unshadowed text files, passwd1 and passwd2. For passwd1, I run john --show passwd1 and it works to crack passwd1. But for passwd2, if I run john --show passwd2, I got No password hashes left to crack (see FAQ). Why and how to crack passwd2? Thanks.

passwd1:

Kali:$6$riekpK4m$uBdaAyK0j9WfMzvcSKYVfyEHGtBfnfpiVbYbzbVmfbneEbo0wSijW1GQussvJSk8X1M56kzgGj8f7DFN1h4dy1:0:0:Kali,,,:/home/kali:/usr/bin/zsh

passwd2:

Kali:$y$j9T$4JmF8/hOTITZlGzS8gtKc1$/twgNomAwBw6t/berIdO4pXN6ZtERj9u/gziBgKPMO1:0:0:Kali,,,:/home/kali:/usr/bin/zsh

hash – What exactly happens to leaves when forming nodes?

Concatenation means the joining of the second sequence at the end of the first sequence. For example, with strings, the concatenation of "hello, " and "world" produces the string "hello, world".

For TXIDs, they are taken as a 32-byte array. The concatenation of the two TXIDs produces an array of 64 bytes, which then becomes the input for another round of double SHA256. The resulting hash becomes the parent hash of the two TXIDs in the Merkle tree.

Each pair of transactions is hashed in such way, and if the number of transactions is odd, the last TXID in the sequence is duplicated (concatenated with itself). The parent hashes are then recursively treated in the same way, concatenated pairwise, until a single hash remains, which is the Merkle root.

MySQL performance issue when a hash join is used

I’m having an issue where the optimizer seems to be doing a full table scan and exhibiting a big performance hit when a hash join is used.

Schema and sample data:

CREATE TABLE `px_po_status` (
  `po_status_id` tinyint NOT NULL,
  `name` varchar(32) NOT NULL,
  PRIMARY KEY (`po_status_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

INSERT INTO `px_po_status` (`po_status_id`, `name`)
VALUES
  (0, 'PENDING'),(1, 'SENT'),(3, 'COMPLETE');

CREATE TABLE `px_po` (
  `po_id` int NOT NULL AUTO_INCREMENT,
  `po_date` date NOT NULL,
  `po_status_id` tinyint(1) NOT NULL,
  PRIMARY KEY (`po_id`),
  KEY `po_date` (`po_date`),
  KEY `po_status_id` (`po_status_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

INSERT INTO `px_po` (`po_id`, `po_date`, `po_status_id`)
VALUES
  (39647, '2018-10-09', 3),(39648, '2018-10-09', 3),(39649, '2018-10-09', 3),(39651, '2018-10-09', 3),(39653, '2018-10-09', 3),(39654, '2018-10-09', 3),(39655, '2018-10-09', 3),(39657, '2018-10-09', 3),(39658, '2018-10-09', 3),(39659, '2018-10-09', 3),(39660, '2018-10-09', 3),(39661, '2018-10-09', 3),(39662, '2018-10-10', 3),(39663, '2018-10-10', 3),(39665, '2018-10-10', 3),(39666, '2018-10-10', 3),(39667, '2018-10-10', 3),(39668, '2018-10-10', 3),(39669, '2018-10-10', 3),(39670, '2018-10-10', 3),(39671, '2018-10-10', 3),(39672, '2018-10-10', 3),(39673, '2018-10-10', 3),(39674, '2018-10-10', 3),(39675, '2018-10-11', 3),(39676, '2018-10-11', 3),(39677, '2018-10-11', 3),(39678, '2018-10-11', 3),(39679, '2018-10-11', 3),(39680, '2018-10-11', 3),(39681, '2018-10-15', 3),(39682, '2018-10-15', 3),(39683, '2018-10-15', 3),(39684, '2018-10-15', 3),(39685, '2018-10-15', 3),(39686, '2018-10-15', 3),(39687, '2018-10-15', 3),(39688, '2018-10-15', 3),(39689, '2018-10-15', 3),(39690, '2018-10-15', 3);

Problem query:

SELECT
  po.po_id,
  pst.name AS po_status
FROM px_po po
  LEFT JOIN px_po_status pst ON po.po_status_id = pst.po_status_id
ORDER BY po_date DESC
LIMIT 0,25;

Running EXPLAIN here shows the following:

+----+-------------+-------+------------+-------+---------------+---------+---------+------+------+----------+----------------------------------------------+
| id | select_type | table | partitions | type  | possible_keys | key     | key_len | ref  | rows | filtered | Extra                                        |
+----+-------------+-------+------------+-------+---------------+---------+---------+------+------+----------+----------------------------------------------+
|  1 | SIMPLE      | po    | NULL       | index | NULL          | po_date | 4       | NULL |   41 |   100.00 | Using index; Using temporary; Using filesort |
|  1 | SIMPLE      | pst   | NULL       | ALL   | PRIMARY       | NULL    | NULL    | NULL |    3 |   100.00 | Using where; Using join buffer (hash join)   |
+----+-------------+-------+------------+-------+---------------+---------+---------+------+------+----------+----------------------------------------------+

Workaround #1:

SELECT
  po.po_id,
  (SELECT pst.name FROM px_po_status pst WHERE po.po_status_id = pst.po_status_id) as po_status
FROM px_po po
ORDER BY po_date DESC
LIMIT 0,25;

Oddly, using a subquery performs much better and gets optimized as I’d expect:

+----+--------------------+-------+------------+--------+---------------+---------+---------+-------------------------+------+----------+---------------------+
| id | select_type        | table | partitions | type   | possible_keys | key     | key_len | ref                     | rows | filtered | Extra               |
+----+--------------------+-------+------------+--------+---------------+---------+---------+-------------------------+------+----------+---------------------+
|  1 | PRIMARY            | po    | NULL       | index  | NULL          | po_date | 3       | NULL                    |   25 |   100.00 | Backward index scan |
|  2 | DEPENDENT SUBQUERY | pst   | NULL       | eq_ref | PRIMARY       | PRIMARY | 1       | sandbox.po.po_status_id |    1 |   100.00 | NULL                |
+----+--------------------+-------+------------+--------+---------------+---------+---------+-------------------------+------+----------+---------------------+

Workaround #2:

I’m also aware that I can leverage optimizer hints to circumvent the poor performance as outlined here: https://dev.mysql.com/doc/refman/8.0/en/optimizer-hints.html#optimizer-hints-table-level. This yields an identical explain to Workaround #1:

SELECT /*+ NO_BNL() */
  po.po_id,
  (SELECT pst.name FROM px_po_status pst WHERE po.po_status_id = pst.po_status_id) as po_status
FROM px_po po
ORDER BY po_date DESC
LIMIT 0,25;

Couple of notes:

My Question:

Why does the optimizer seem to fail such a basic operation? Is this a bug?

How does the WPA2 crack work with Hashcat 22000 format hash lines?

I’m trying to understand the format and functionality of WPA2 hash lines that start with WPA*02* used with -m 22000 on hashcat.

The way I understand it, this format was created as an improvement and replacement to the .hccapx file format, and should thus contain the exact same data elements. However, when comparing it, I noted that when compared to the Hashcat wiki: https://hashcat.net/wiki/doku.php?id=hccapx for hccapx files, it is notably missing the nonce_sta field that is present in .hccapx files.

My question is, how does cracking a hash with such a hash line work without the nonce_sta field? What exactly does the EAPOL field contain?

Given a WPA*02* hash line, and its correct password, could you show me through each step of how to verify that that password is in fact the correct password from that hash line?

Thank you!