Neil Madden on Nostr: This is intriguing the heck out of me. Were they doing bcrypt(salt + username + ...
This is intriguing the heck out of me. Were they doing bcrypt(salt + username + password) or something with a 20-byte salt and then hitting the 72-byte bcrypt input limit? The extent to which bcrypt needs to die already…
https://infosec.exchange/@SecureOwl/113409933398662230Published at
2024-11-02 12:08:03Event JSON
{
"id": "4b891493bb018e6cdd64e192ad73da518a7ef72ac4fc171d2a153f84af31cc0f",
"pubkey": "6f40ace4826ffbfaad46ff973d991b05a0c7238ea32964ab06fe3a87ade66281",
"created_at": 1730549283,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/neilmadden/statuses/113413277813916177",
"activitypub"
]
],
"content": "This is intriguing the heck out of me. Were they doing bcrypt(salt + username + password) or something with a 20-byte salt and then hitting the 72-byte bcrypt input limit? The extent to which bcrypt needs to die already…\nhttps://infosec.exchange/@SecureOwl/113409933398662230",
"sig": "2ff74936e75cf87bd92230670eda9ed5f6851552888e814c178e9047db1f8e4cde26775ad9fb29ececde5e8820ab96be5c0156317f5e55237f6e2a9aef5dc6a2"
}
