RE: Bitwise Or

Daniel L Quigley-Skillin Thu, 16 Aug 2001 20:42:41 -0700
I thought I got lucky last night w/ this and figured it out, blaming it on
font.  I of course was mistaken.

Through a bit of thought today I converted everything over to binary to look
at the actuall math that was going on.  The ASCII characters were a bit
rough to deal with.

Beyond the exclusive or, there were some adjustments which needed to be made
to the userpass and final hash.

It's working now, thanks :)

D-


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Newton, Philip
Sent: Thursday, August 16, 2001 3:35 AM
To: 'Daniel L Quigley-Skillin';
[EMAIL PROTECTED]
Subject: Re: Bitwise Or


Daniel L Quigley-Skillin wrote:
> I'm trying to match a password hash which is bases off of a
> bitwise or operation.

Note: in my experience, "bitwise or" means "inclusive or" (aka "or") by
default, not "exclusive or" (aka "xor"). You appear to mean "exclusive or",
so you should probably have said so explicitly up here.

> $password="bigpassword";
> $hash="`{PqwUD}DkLPJckqFi_q{DR`Fwt]YNtZ";
> $bit=$hash ^ $password;
> print $bit;
>
> The output I get is...
>
> 7&7
> +(PJckqFi_q{DR`Fwt]YNtZ
>
> The expected output is (this output is the correct output for the
> fake password I provided)....
>
> BR7AV&7J+Y(

Well, look what happened when I tried it in the debugger:

  DB<2> x '`{PqwUD}DkLPJckqFi_q{DR`Fwt]YNtZ' ^ 'bigpassword'
0  "\cB\cR7\cA\cV&7\cJ+\cY(PJckqFi_q{DR`Fwt]YNtZ"

So the output looks similar to what you got -- but instead of 'B', it's got
control-B; instead of R, it's got control-R; and so on. Are you sure the
"expected output" is what you said and does not include control characters?
Perhaps the method you used to display the expected output translated them
as ^B^R etc. or just BR even though "\cB\cR" (or "\x02\x12") was really what
came out.

> The exclusive or operation alone is yielding the correct
> answer for the operations which include the capital letters
> in the hash, special characters and lowercase letters aren't
> turning out right.

It looked the other way to me -- when your expected output has a capital
letter, the outputs differ; where the expected output had '7' or '&' or '+',
the output of the xor operation matched what you described.

> I feel like I'm missing an operation, but I can't seem to
> determine the correct one based off the expected output.
>
> Any suggestions would be greatly appreciated.

I suggest providing some more data -- password hashes, input, expected
output, observed output. And a copy of the specification, perhaps, of what's
*meant* to happen.

Cheers,
Philip
--
Philip Newton <[EMAIL PROTECTED]>
All opinions are my own, not my employer's.
If you're not part of the solution, you're part of the precipitate.
_______________________________________________
Perl-Win32-Admin mailing list
[EMAIL PROTECTED]
http://listserv.ActiveState.com/mailman/listinfo/perl-win32-admin

_______________________________________________
Perl-Win32-Admin mailing list
[EMAIL PROTECTED]
http://listserv.ActiveState.com/mailman/listinfo/perl-win32-admin
RE: Bitwise Or

Reply via email to
