eset-password-recovery icon indicating copy to clipboard operation
eset-password-recovery copied to clipboard

Published 20 hours ago verified publisher icon LFriede

possibility of false positives?

Open mike-code opened this issue 6 years ago • 2 comments

I encountered an issue where I got match (pass found) but it wasn't the actual password. How do exclude such situations?

mike-code avatar Apr 10 '19 23:04 mike-code

Since the algo is not more than CRC32 it is definately possible to have multiple passwords with the same hash. The question is if they will be accepted by eset or not. If they are not accepted there must be other checks by eset that I didn't saw while reversing that or there is a bug in my implementation. Can you send me an example (you can send it via email if you don't want to post it public) and your eset product version?

LFriede avatar Apr 11 '19 18:04 LFriede

My bad. The hash was 68DBAF89 which I see now that you have it in your algorithm implementation so I understand is some generic value? The AV was set up using on-site distributed systems (remote management) so I guess the password was stored on the master machine.

mike-code avatar Apr 12 '19 11:04 mike-code