flat assembler - mummurhash3

Index > Windows > mummurhash3 - 32bit

Author

Thread

prino

Joined: 24 Jun 2004
Posts: 21
Location: Vilnius

prino 15 Jun 2025, 14:39

Does anyone have code to generate these hashes, or know where I can find an implementation in x86 (or even an .exe that contains this code, so that I can use IDA/GHIDRA to extract it?

_________________
Robert AH Prins
robert dot ah dot prins at the big account from Google Wink

15 Jun 2025, 14:39

a

Joined: 10 Apr 2025
Posts: 29
Location: Ukraine

a 16 Jun 2025, 09:38

prino wrote:

so that I can use IDA/GHIDRA to extract it?

Holy shit, I just googled GHIDRA and apparently it is debugger made by NSA,
it surprised me that they made it public.
Well I know that a lot of US goverment projects (like google and tor browser) was already created + made public but damn, NSA releasing their debugger is new to me

16 Jun 2025, 09:38

Core i7

Joined: 14 Nov 2024
Posts: 134
Location: Socket on motherboard

Core i7 17 Jun 2025, 06:02

prino wrote:

or even an .exe that contains this code, so that I can use IDA/GHIDRA to extract it?

Why such complications?
There are examples of implementation, I think it will be possible to rewrite it in asm: https://github.com/PeterScott/murmur3

17 Jun 2025, 06:02

Core i7

Joined: 14 Nov 2024
Posts: 134
Location: Socket on motherboard

Core i7 17 Jun 2025, 07:11

a wrote:

Holy shit, I just googled GHIDRA and apparently it is debugger made by NSA,it surprised me that they made it public.

Yes, Ghidra transmits some data from the user's machine to the NSA server - this is a proven fact. To catch this "scoundrel", you can run a network sniffer, for example Wireshark, and, having found out the server address/port, block it with a firewall. Or just always run it offline.

17 Jun 2025, 07:11

revolution
When all else fails, read the source

Joined: 24 Aug 2004
Posts: 20708
Location: In your JS exploiting you and your system

revolution 17 Jun 2025, 07:31

IMO, it is better to block all applications by default from any network access, and use a whitelist to allow application you need and trust.

17 Jun 2025, 07:31

Furs

Joined: 04 Mar 2016
Posts: 2655

Furs 17 Jun 2025, 15:38

revolution wrote:

IMO, it is better to block all applications by default from any network access, and use a whitelist to allow application you need and trust.

This is the way. You'd be surprised how little apps actually need it.

17 Jun 2025, 15:38

Core i7

Joined: 14 Nov 2024
Posts: 134
Location: Socket on motherboard

Core i7 17 Jun 2025, 16:11

Wireshark even shows the content of the traffic, so we can find out what exactly is going from the machine to the enemy server. And blocking everything is a bad idea in my opinion, because "honest" software can go to its server to get, for example, updates.

17 Jun 2025, 16:11

revolution
When all else fails, read the source

Joined: 24 Aug 2004
Posts: 20708
Location: In your JS exploiting you and your system

revolution 17 Jun 2025, 22:47

Automatic updates are a curse, and should be outlawed.

17 Jun 2025, 22:47

< Last Thread | Next Thread >

Forum Rules:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum