The archive contains two files ready for JohnTheRipper (bleeding-jumbo):
1. btctalk-sha1.txt <- Raw-SHA1
2. btctalk-sha256crypt.txt <- sha256crypt, crypt(3) $5$
// CRYPT_SHA256 - SHA-256 hash with a sixteen character salt prefixed with $5$. If the salt string starts with 'rounds=<N>$',
// the numeric value of N is used to indicate how many times the hashing loop should be executed, much like the cost parameter on Blowfish.
// The default number of rounds is 5000, there is a minimum of 1000 and a maximum of 999,999,999. Any selection of N outside this range will be
// truncated to the nearest limit.
// http://php.net/manual/en/function.crypt.php
The PHP script in BitcoinTalk.org hashing the password:
Download:
1. btctalk-sha1.txt <- Raw-SHA1
2. btctalk-sha256crypt.txt <- sha256crypt, crypt(3) $5$
// CRYPT_SHA256 - SHA-256 hash with a sixteen character salt prefixed with $5$. If the salt string starts with 'rounds=<N>$',
// the numeric value of N is used to indicate how many times the hashing loop should be executed, much like the cost parameter on Blowfish.
// The default number of rounds is 5000, there is a minimum of 1000 and a maximum of 999,999,999. Any selection of N outside this range will be
// truncated to the nearest limit.
// http://php.net/manual/en/function.crypt.php
The PHP script in BitcoinTalk.org hashing the password:
PHP Code:
<?php
//salted SHA-256 with 7500 rounds
define('CRYPT_PARAMS', '$5$rounds=7500$');
//get $bytes bytes of secure random binary data
function urandom($bytes)
{
$file = fopen('/dev/urandom', 'rb');
$result = fread($file, $bytes);
fclose($file);
if(strlen($result) < $bytes)
die('urandom byte length mismatch');
return $result;
}
//hash and salt a new password for insertion into the database
function newpass($pass)
{
return crypt($pass, CRYPT_PARAMS . base64_encode(urandom(12)) . '$');
}
Download: