-1

I've just got some hashes from a website database, but I've never seen this kind of hashes, what hash is that?

IAsJEwlMIlBWGHpa
Az4IFRFPPFBd
DwEOGAhBNyFcFXw=
Ay4GFQJBIwBeEg==
alecxe
  • 1,595
  • 6
  • 19
  • 36
Thiago Dias
  • 171
  • 2
  • 9

2 Answers2

1

I could not say without a key for the actual encrypted string or at least knowledge of what algorithm is in use. That is the thing about encryption, it does not come with a pre-made signature to make decryption easier for attackers.

This is an example of AES, a common symmetric-key encryption method. However, this is not what you are looking for because AES only provides output in 128, 192, and 256 bit length.

Unencrypted text: Boo, I am the gingerbread man.

Key: HeyYa

Encryption: 128 bit AES

Encrypted String: 9ROOuI1Dn0MMukmdMfO0O/ZeuTrZ0LB7RnSUmjpXEck=

DeepS1X
  • 329
  • 1
  • 5
  • so, there's nothing that i can do about it? – Thiago Dias Dec 21 '16 at 02:23
  • 1
    Not if you can't find a key, or at least find out how they were hashed/encrypted. – DeepS1X Dec 21 '16 at 02:32
  • 1
    If you could find out how they were hashed or encrypted, at least you could begin a bruteforce against the hash or encrypted string. – DeepS1X Dec 21 '16 at 02:33
  • 1
    My suggestion remains snooping around to see if you can find one or two of those elements. – DeepS1X Dec 21 '16 at 02:33
  • 2
    No no no, it does not look like AES. AES output will be 128 bytes as you say, but none of the strings has even close to that length. Just because it is common that AES output is written out in base64 does not imply that every base64 encoding will be AES. – grochmal Dec 21 '16 at 03:02
  • 1
    I retract my comment then, and I will edit my answer for accuracy. – DeepS1X Dec 21 '16 at 04:03
1

Variable length

These don't seem to be hashes, at least not from a single source, because they have a variable length - the first one is a base64 encoding of 12 bytes, the second is just 9.

If anything, they're encrypted strings - possibly simply XOR against some key, as the variable length and extreme shortness implies that it cannot be any of the common block ciphers.

If you assume that it is the case, and the key is reused, you have some assumptions about the contents (e.g. that they're likely to be ascii alphanumeric) and you have much more examples than these four, then it may be broken; but if this is all you have, then there's not enough information to deduce anything more.

Peteris
  • 8,419
  • 1
  • 28
  • 35
  • This is the answer (+1). That is just a bunch of plausibly random looking bytes in base64 encoding. Nothing more than that. Even block ciphers would output strings of the same length, since (most block ciphers) require padding of the input. – grochmal Dec 21 '16 at 03:00