hashcat – XVWA PBKDF2 with sha256 and 1000 iterations

In XVWA (Xtreme Vulnerable Web Application) I presented a PBKDF2 with sha256 and 1000 iteration as such:

<? php

Function create_hash ($ password)
{
// Format: Algorithm: iterations: Salt: hash
$ salt = base64_encode (mcrypt_create_iv (PBKDF2_SALT_BYTE_SIZE, MCRYPT_DEV_URANDOM));
return $ salt. ":".
base64_encode (pbkdf2 (
PBKDF2_HASH_ALGORITHM,
$ Password,
$ Salt,
1000
24
true
));
}
// Where $ password is data provided by a user.

https://github.com/s4n7h0/xvwa/blob/master/vulnerabilities/crypto/PasswordHash.php

Is there a way to get the password?

Complexity Theory – Can I calculate how many iterations this algorithm requires?

Maybe there is no clean formula for it.

The values ​​of $ x, y, z $ after this $ n $The iteration of the loop is $ x_0 + (n + 1) y_0 – 2n (n + 1) $, $ y_0 – 4n $, and $ z_0 – 2n $each, as can be confirmed by induction, where $ x_0, y_0, z_0 $ are their initial values ​​(before the first iteration of the loop). The loop ends for the smallest positive integer $ n $ so that

$$ x_0 + (n + 1) y_0 – 2n (n + 1) + y_0 – 4n equiv 0 pmod {z_0 – 2n}. $$

There may not be a nice expression for the little one $ n $ that satisfies this equation in terms of $ x_0, y_0, z_0 $, It's not obvious to me either $ n $ always exists, d. H. if your loop is always finished.


I gloss over a serious problem that you did not address in the question: What does it mean? $ (x + y) bmod z $ when $ z = 0 $ or when $ z <0 $? It is not clear, and that will affect the answer.

How do I use "compile" for iterations?

I am trying to create the code for the following repetition. Here wjoin[[i]] is used to call values ​​from record and on is a parameter. How can I carry out the following repetition Compile? How can I save the previous values ​​from? gg[i] to calculate gg[i+1], I wrote the following code. But it does not work.

                gg[1] = a - wjoin[[[[[1]]gg[2] = (a) * gg[1] - wjoin[[[[[2]])
gg = compile[{{r1, _Integer}}, 1/(a)*((1 + a )*gg[r1] - wjoin[[r1]])];
gg[3]

Expected number of iterations for the Bozo Sort Opt algorithm

I'm trying to figure out the upper limit to the number of iterations of the Bozo Sort-Opt algorithm described in this article in Section 3.2:
http://www.hermann-gruber.com/pdf/fun07-final.html

I know the maximum number of inversions is in this case nC2Who I'm struggling with is the probability that two numbers in an iteration are an inversion.

magento2.3 – upgrade from magento 2.2.5 to 2.3 bug front controller reaches 100 router match iterations problem

When I upgraded my Magento from 2.2.5 to 2.3, everything worked fine, but when trying to access the Web site, an iterative error stating that the front controller was experiencing 100 iterative errors for the router appears.
After looking for solutions online and all failing, except that someone says something about old cached data, it's corrupted. I then remove var / cache and clean up and flush the cache.
I solved the problem by disabling the configuration cache. The cache status now looks like this:
Current status:
config: 0
Layout: 1
block_html: 1
Collections: 1
Reflection: 1
db_ddl: 1
compiled_config: 1
eav: 1
Customer information: 1
config_integration: 1
config_integration_api: 1
full_page: 1
config_webservice: 1
translate: 1
Vertex: 0
I think that this is a temporary and not a professional solution, can someone help me to solve the problem and solve the problem of the configuration cache?

Performance – PHP: Faster way to write a ~ 100Kb HTML string over an MD file (number of iterations ~ 10K)

That's what I meant in the comments

You could do it substr ($ hey, 0,2) check once and then the first two letters instead of several letters strpos, Maybe, but I have no idea what $ hey looks like 🙂 – but as you could counter Get rid of that and the multiple function calls. I do not think it will be much faster, but with enough iterations, who knows, and it may look a bit cleaner.

        change (substr ($ hay, 0,2)) {
Case "na": // nasdaq
$ mk = & # 39; nasdaq-us & # 39 ;;
$ nasdaq ++
break;
Case # 39: // nyse
Case & # 39 ;: // New York
$ mk = & nbsp; nyse-us & # 39 ;;
$ nyse ++;
break;
Case # cb #: // cboe
$ mk = & # 39; cboe-us & # 39 ;;
$ cboe ++;
break;
Default:
$ mk = & # 39; market-us & # 39 ;;
$ others ++;
break;
}

This will do 1 function call instead of 4.

It looks like your calling strolinger more than 3 times $ cn

        $ cn = strtolower (UpdateStocks :: slugCompany ($ s["quote"]["companyName"])); // s
// ...
$ p2 = sprintf (& # 39;% s% s% s & # 39; self :: SLASH, strtolower ($ cn), & # 39; - & # 39;);
// ...
if (strtolower ($ symb) === strtolower ($ cn)) {
// ------------------
$ p1 = sprintf (& # 39;% s% s% s & # 39; self :: SLASH, strtolower ($ symb), & # 39; - & # 39;);

if (strtolower ($ symb) === strtolower ($ cn)) {

And so on.

There may be more duplicate calls like these.

Your sprintf seem to show less.

    // icon in the URL
$ p1 = sprintf (& # 39;% s% s% s & # 39; self :: SLASH, strtolower ($ symb), & # 39; - & # 39;);
// company in URL
$ p2 = sprintf (& # 39;% s% s% s & # 39; self :: SLASH, strtolower ($ cn), & # 39; - & # 39;);

// You could do this, for example
$ p1 = self :: SLASH. $ symb. & # 39; - & # 39 ;;

This whole piece is suspicious:

    // icon in the URL
$ p1 = sprintf (& # 39;% s% s% s & # 39; self :: SLASH, strtolower ($ symb), & # 39; - & # 39;);
// company in URL
$ p2 = sprintf (& # 39;% s% s% s & # 39; self :: SLASH, strtolower ($ cn), & # 39; - & # 39;);

// Duplication Risk
if (strtolower ($ symb) === strtolower ($ cn)) {
// Duplicated name of a symbol
$ previousNames = array_reverse (UpdateStocks :: searchFilenames (glob ($ dir. "/ *"), $ p2));
$ lurl = $ cn. & # 39; - & # 39 ;. $ sc. & # 39; - & # 39 ;. $ mk. & # 39; - & # 39 ;. $ enc;
}otherwise{
// Duplicated name of a symbol
$ previousNames = array_reverse (UpdateStocks :: searchFilenames (glob ($ dir. "/ *"), $ p1));
$ lurl = strtolower ($ symb). & # 39; - & # 39 ;. $ cn. & # 39; - & # 39 ;. $ sc. & # 39; - & # 39 ;. $ mk. & # 39; - & # 39 ;. $ enc;
}

For example, the only difference is:

$ previousNames = array_reverse (UpdateStocks :: searchFilenames (glob ($ dir. "/ *"), $ p2));
$ previousNames = array_reverse (UpdateStocks :: searchFilenames (glob ($ dir. "/ *"), $ p1));
//and
$ lurl = $ cn. & # 39; - & # 39 ;. $ sc. & # 39; - & # 39 ;. $ mk. & # 39; - & # 39 ;. $ enc;
$ lurl = $ symb. & # 39; - & # 39 ;. $ cn. & # 39; - & # 39 ;. $ sc. & # 39; - & # 39 ;. $ mk. & # 39; - & # 39 ;. $ enc; 

So if you can change and prepend the last argument $ symbMaybe you could eliminate this condition. I have to think about it a bit … lol. But you see, what I mean, it could be more DRY (do not repeat). I do not know enough about the data to really say anything. I thought something like this:

        if ($ symb! = $ cn) {
$ p = self :: SLASH. $ symb. & # 39; - & # 39 ;;
$ lurl = & # 39; & # 39 ;;
}otherwise{
$ p = self :: SLASH. $ cn. & # 39; - & # 39 ;;
$ lurl = $ symb;
}

$ previousNames = array_reverse (UpdateStocks :: searchFilenames (glob ($ dir. "/ *"), $ p));
$ lurl. = "$ cn- $ sc- $ mk- $ enc";

But I'm not sure I got in the way. So definitely try it. A little hard to work only in my head. I still need a condition, but it is much shorter and easier to read.

For this:

search filenames

/ **
*
* @return an array with the path values ​​of all stored front MD files
* /
public static function searchFilenames ($ array, $ re) {
$ arr = Array ();
foreach ($ array as $ k => $ str) {
$ pos = strpos ($ str, $ re);
if ($ pos! == false) {
array_push ($ arr, $ str);
}
}
return $ arr;
}

You can use preg_grep, For example:

            public static function searchFilenames ($ array, $ re) {
return preg_grep (& # 39; / # 39; preg_quote ($ re, & # 39; / & # 39;). & # 39; / i & # 39 ;, $ array);
}
// or array_filter
public static function searchFilenames ($ array, $ re) {
return array_filter ($ array, function ($ item) use ($ re) {return strpos ($ re)! == false;});
}  

They only find if $ re is contained in every element of $ array, preg_grep – Returns array entries that match the pattern, It is also independent of the I Flag. In any case, I never use array_push as $ arr[]= $ str is much faster. It's even better if you can easily modify the array, because this function is a copy anyway, since it is not passed as a reference.

One thing that I find useful is to include and add some sample data into the code in comments. Then you can imagine what transforms your work and whether you repeat yourself.

One last thing this fear a little bit:

foreach ($ previousNames as $ k => $ previousName) {
if ($ k == 0) {
// security: if the previous filename does not exactly match the new filename
rename ($ previousName, $ newName);
}otherwise{
// if several files were found: Unlink
unlink ($ previousName);
}
}

Here you check that $ k or the array key is 0It's very easy to reset array keys during sorting or filtering. So be careful, I think that this is a safer option.

foreach ($ previousNames as $ k => $ previousName) {
if ($ previousName! = $ newname) {
// security: if the previous filename does not exactly match the new filename
rename ($ previousName, $ newName);
}otherwise{
// if several files were found: Unlink
unlink ($ previousName);
}
}

Not sure if that was a mistake or I just do not understand this part? It's hard to be able to test without the value. However, it should be noted that the material is deleted as soon as it is deleted.

I hope it helps you, most of them are trifles.

Doubts that multiple objects are called successively in iterations of a loop in R.

Good morning, I have a problem, I imported some objects like this. In this example, I've only included two, but I plan to work with many, so I need to automate the processes a bit

Library (Quantmod)

Select the desired date

start <- as.Date ("2014-01-01")
end <- as.Date ("2018-01-12")

The first term refers to the assets you want to download

Second, where do you want it?

third the start date

Room until the end date

getSymbols (active, src = "http://stackoverflow.com/yahoo", from = start, to = end)

After I import the objects, I need to convert them to data.frame and change their headers to a for, but I can not call every object in every iteration. Could someone please help me

Insert here the description of the picture

I want a way to change all the headers in a for and convert all to data.frame into a for. However, I can not call every object in every iteration

Thanks in advance.

I tried, but it did not work

Heading imported assets

Header <-c (Aperture, Maximum, Minimum, Close, Volume, Setting)

assets2 <-list (BVSP, PETR4.SA)

for (i in 1: NROW (assets2)) {

Colnames (assets2[i]) <- Header

}