I am looking to find bcrypt hash string using regex (in PowerGrep), in a database.
Tried this regex:
{?A-Za-z_0-9.{60}}?
But no match w
Just as an addition to the answer above from @stribizhev. The bcrypt hashes you might encounter out there in the wild come in a few varieties, so you may have to modify the regex to catch all of them. The variations are as follows:
The "Algorithm Identifier" portion of the hash may include:
"2"
- the first revision of BCrypt, which suffers from a minor security flaw and is generally not used anymore.
"2a"
- some implementations suffered from a very rare security flaw.
"2y"
- format specific to the crypt_blowfish BCrypt implementation, identical to "2a" in all but name.
"2b"
- latest revision of the official BCrypt algorithm
^\$2[ayb]\$.{56}$
seems to work for me
see here for the breakdown of a bcrypt hash: Can someone explain how BCrypt verifies a hash?