known_hosts_bruteforcer icon indicating copy to clipboard operation
known_hosts_bruteforcer copied to clipboard

Published 20 hours ago verified publisher icon xme

Optimize use of decode_base64

Open jawaad-ahmad opened this issue 4 years ago • 0 comments

Povl Ole Haarlev Olsen commented on the original blog on 25 Apr 2015 (https://blog.rootshell.be/2010/11/03/bruteforcing-ssh-known_hosts-files/) stating:

Another optimization step would be to move the decode_base64($saltStr[$i]) step from searchHash() (i.e. ALL THE TIME) to the loop where you read the file (i.e. ONCE per salt).

I also think it make senses to use decode_base64() on the digest in the read loop (i.e. once) and later compare it with $hmac->digest (instead of b64digest). No need to spend time on base64 encoding all the time, if we don’t really need it.

I'm assuming this is what's meant in the Todo list in the code:

# Todo
# ----
# - Increase performances
# ...

jawaad-ahmad avatar Aug 02 '20 07:08 jawaad-ahmad