Safari 4 Webpage Preview's, uses which hash function? - hash

I've been looking at Safari 4's Webpage Previews (~/Library/Caches/com.apple.Safari/Webpage Previews/), the image names appear to use a 128 bit hash, but which hash function are Apple using?
I found this page, Web Based MD5 / SHA1 / SHA-256 / SHA-384 / SHA-512 Cryptographic Hash Calculator Function, but, comparing some Webpage Preview image names with the hash results for the same URLs gives no positive results.


Something tells me that they do not use hash code. Names are just plain generated GUIDs. To match page with preview they use sqlite3 database, you can find it by name WebpageIcons.db.
EDIT: unfortunatelly WebpageIcons.db is not for previews...

Related

SHA256 odd hex input

I was trying to hash 'abc' as a hex number input on two different sites, but both give different hash.
Later I found out, that one site interprets it as '0abc' and the second one as 'abc0'.
Since I'm finishing my sha256 hashing program, I was wondering which one is correct.
Thank you

How to get Perl crypt to encrypt more than 8 characters?

Only the first 8 characters is encrypted when the Perl crypt function is used. Is there a way to get it to use more characters?
As an example:
$crypted_password = crypt ("PassWord", "SALT");
and
$crypted_password = crypt ("PassWord123", "SALT");
returns exactly the same result. $crypted_password has exactly the same value.
Would love to use crypt because it is a quick and easy solution to some none reversible encryption but this limit does not make it useful for anything serious.

To quote from the documentation:
Traditionally the result is a string of 13 bytes: two first bytes of the salt, followed by 11 bytes from the set [./0-9A-Za-z], and only the first eight bytes of PLAINTEXT mattered. But alternative hashing schemes (like MD5), higher level security schemes (like C2), and implementations on non-Unix platforms may produce different strings.
So the exact return value of crypt is system dependent, but it often uses an algorithm that only looks at the first 8 byte of the password. These two things combined make it a poor choice for portable password encryption. If you're using a system with a stronger encryption routine and don't try to check those passwords on incompatible systems, you're fine. But it sounds like you're using an OS with the old crappy DES routine.
So a better option is to use a module off of CPAN that does the encryption in a predictable, more secure way.
Some searching gives a few promising looking options (That I haven't used and can't recommend one over another; I just looked for promising keywords on metacpan):
Crypt::SaltedHash
Authen::Passphrase::SaltedDigest
Crypt::Bcrypt::Easy
Crypt::Password::Util

SHA1 Hash in BitTorrent is not text

I am learning how the bitTorrent and Bencoded dictionary of bitTorrent. But I don't understand how the pieces are encoded in SHA-1 in the torrent metainfo file. As from my knowledge SHA-1 hash is look like this aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d, but instead it look like this KÅ•Š8yç=¾4f¯gBûõÿm¶¤lâFiÔ
Somebody tell me what is this?

No, your assumption is wrong. SHA-1 doesn't "look like this aaf4c61ddcc5e8a2dabede0f3b482cd9aea9434d" as hash functions returns just list of bytes. What you have seen as KÅ•Š8yç=¾4f¯gBûõÿm¶¤lâFiÔ is just output of that function which your viewer tries to output as a text, which obviously fails.

Looking for a hash with an output of 50 characters?

I'm attempting to figure out how Skype stores the emoticons it downloads, and there does seem to be a standard in the naming scheme. All files are prefixed with a code similar to the one below, which is a 50 character hash prefixed and suffixed with a caret character. I have been unable to find any reference to a 50 character / 200 bit hash, although references to SHA-3 did appear in my queries.
^2BA3514B75E7AF97940579D1E698B7F33984FE029B2FA59CB3^
This hash might be some variation of 'rain', '(rain)' or 'Raining', however I have no way of attempting to reverse-engineer it. If possible, could you point me to a similar or identical algorithm?

How best to display a file hash

Simple question. What is the best (most universal) way to display a file hash? Below are two SHA256 hashes for the same file. One is displayed as base64 and one is...something else. The file hash will be used for auditing to make sure the file we send is the same as the file the auditor received. If the hash needs to be verified, I want to make sure I provide the hash that is the most easily verifiable.
SHA256 55461e72cccb74b475278189956b9db307bf44945e1639af93c34b224b7fcfd
SHA256 Base 64 VUYecszLdLR1J4GJlWudswe/RJReFjmvk8NLIkt/z9s=

55461e72cccb74b475278189956b9db307bf44945e1639af93c34b224b7fcfd
The point of Base64 is to constrain the character set to displayable characters. The hash is in hexadecimal which is even more constrained.