In the screenshot there is a browser cookie with an encrypted seed hex and a salt hex. It is possible to find out the seed from this information?
Why? Why not?
Thanks!
Asked
Active
Viewed 148 times
-4
-
1Short answer No. That assumes the cookie designers were competent. Even if they weren't, then you have to try all the possible mistakes they might have made to see if you can crack it. That is likely to be almost as difficult as a brute force attack. – rossum Apr 09 '21 at 11:56
1 Answers
1
Hashing is a one way process and Encryption is 2 way process. What I mean by this is , when we use a plain text and encrypt it to get a cipher text, we can again get the plain text from the cipher text. but that is not the case for hashing. You can never get the plain text from the hashed value. Yes, there have been hacks before where the hashed values are guessed correctly, but that's just a lucky guess. To know the original value from the hashed text, you would have to know
- the hashing algorithm being used.
- The Salt original text
- Whether the salt text was encrypted before hashing or not.
So lot of question needs to be answered before knowing the original value. In case they use MD5 hashing algorithm, then there is a small chance that you'll be able to get the original value through bruteforce, but the salt adds an extra layer of cracking to do.
To know more, please refer the below link to know about hashing
Inder Preet
- 114
- 5
-
Thank you for this info, so then most likely only the app creator (receiver of the text) has the algorithm to decrypt it. – Andrew Richmond Apr 10 '21 at 17:52
-
Yes . the receiver and sender has the algorithm for encryption/decryption – Inder Preet Apr 11 '21 at 05:26