Just a hint for other idiots like me.
In the readme of this project:
https://www.freecodecamp.org/learn/information-security/information-security-projects/sha-1-password-cracker
You find the following instruction:
The function should take an optional second argument named
use_salts
. If set to true, each salt string from the fileknown-salts.txt
should be appended AND prepended to each password fromtop-10000-passwords.txt
before hashing and before comparing it to the hash passed into the function.
I did something like this (which failed and I lost a lot of time with checking the encoding, hash-functions etc):
salted_password = salt + password + salt
What actually should be done is performing TWO checks:
salted_password1 = password + salt
salted_password2 = salt + password