Fcc-brute-force-password-cracker - hint to salted

Just a hint for other idiots like me.

In the readme of this project:
https://www.freecodecamp.org/learn/information-security/information-security-projects/sha-1-password-cracker

You find the following instruction:

The function should take an optional second argument named use_salts . If set to true, each salt string from the file known-salts.txt should be appended AND prepended to each password from top-10000-passwords.txt before hashing and before comparing it to the hash passed into the function.

I did something like this (which failed and I lost a lot of time with checking the encoding, hash-functions etc):
salted_password = salt + password + salt

What actually should be done is performing TWO checks:

salted_password1 = password + salt
salted_password2 = salt + password
4 Likes

Thank you very much, @s-projects18! you did a massive good here! (I was stuck at the same point)

That AND was not what I thought:

  1. The function should take an optional second argument named use_salts . If set to true, each salt string from the file known-salts.txt should be appended to each password from top-10000-passwords.txt before hashing and before comparing it to the hash passed into the function.
    AND
  2. The function should take an optional second argument named use_salts . If set to true, each salt string from the file known-salts.txt should be prepended to each password from top-10000-passwords.txt before hashing and before comparing it to the hash passed into the function.
1 Like

I guess Iā€™m another idiot haha thanks for the tip!!

Should change the AND to OR.

No, it really should say AND.