I use a 3rd party application for the bulk of our operation. This application allows me to create customer username/passwords for online access via a prebuilt website built by this 3rd party vendor. I want to build a new site for the customers to use because the site that was included with our application is terrible. However, I do not know how to hash the password to match the hash used in this application. I have been doing a lot of digging and I am pretty sure the vendor uses user defined functions to hash the passwords. However, there are multiple different functions that I believe are used in tandem with each other (Not positive, but they are all in the user defined functions in the database). Is there anyone familiar with the functions copyrighted by Gleb Ufimtsev, and called ugAddMod32, ugBitsSet, ugInverse, ugLeftShift, ugRightShift, ugRotateLeft, ugSha1part_ft, ugsha1part_kt, ugSha1part_WordofStr, ugSha1str.
I want to be able to hash the password from these functions and compare the asp hash to the hash stored in the database.
I tried to shorten this as much as possible. I am using vs2005, .aspx, with .vb file.
I can include the funtions if needed.
I tried using vs2005 built in functions to hash using sha1 and md5 but neither hash to the same output as what is in my database.
I have also tried many sites to match passwords and hash with well know hash functions, over 100 ways, and none match. This leads me to believe that this is a custom hash algorithm like the functions i have mentioned.
Thank You
Submit an article or tip