commit 4192fe6ca9bdf6e6f31daa13501541b187a58681
parent d9f95490d15da221844b066784149f68db92cc5d
Author: Louis Burda <quent.burda@gmail.com>
Date: Sat, 26 Jun 2021 13:38:10 +0200
updated documentation of hash preimage generation
Diffstat:
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/documentation/README.md b/documentation/README.md
@@ -206,12 +206,14 @@ can now list the hashes of all registered users.
The next step is to find a valid preimage for the hashes obtained
previously, to log in as them and query information about their files.
-To calculate the preimage we choose a seed for srand at random. Then
-we XOR the values encoded in the hex-encoded with calls to rand().
-If the sum of the generated values is greated than the seed we used,
-restart. Otherwise, append some characters to make the sum match
-the seed like it does in mhash. The value of these 'extra' chars
-is irrelevant, since mhash only processes the first 20 chars anyways.
+To calculate the preimage we repeatedly choose a seed for srand. For
+each seed, we XOR the values encoded in the hex-encoded hash with
+calls to rand(). If after generating each character the sum of the
+generated values is less than the seed we used, restart. Otherwise,
+we append some characters to make the sum of the input characters
+match the seed, such that the seed for srand mhash uses matches the
+one we chose. The actual value of these 'extra' chars is irrelevant,
+since mhash only processes the first 20 chars anyways.
See `checker/src/revhash/main.c` for an example implementation in C.
