Penetration Testing mailing list archives
Re: Netscape Ldap ldif file SHA password cracking
From: miguel.dilaj () pharma novartis com
Date: Wed, 1 Dec 2004 16:19:49 +0000
Hi m a, Be careful, things like {SHA}hEqt9R50vHZ+EheHW+JOJKvNWpw= and {SHA}+A0MoQHpZ7ULcw3fjorKDehejfY= are not a SHA hash straigth away. A typical SHA (SHA-1) hash will look like: 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8 (the above is for the word 'password'). My first guess is some kind of Base64 encoding (or similar) of the string without the '{SHA}'. Example: plaintext: password SHA-1: 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8 Base64 encoding of the above: NUJBQTYxRTRDOUI5M0YzRjA2ODIyNTBCNkNGODMzMUI3RUU2OEZEOA== So you see the similarities, but still no cigar! As far as I understand (I don't use it), the patch to JtR is for SSHA (Secure SHA, Salted SHA, whatever you like), not for PLAIN SHA. If you manage to decode the string and obtain a plain SHA-1 hash as shown above, feel free to use Lepton's Crack against it (http://freshmeat.net/projects/lcrack/). Cheers, Miguel aka Nekromancer
Current thread:
- Re: Netscape Ldap ldif file SHA password cracking Anders Thulin (Dec 01)
- <Possible follow-ups>
- Re: Netscape Ldap ldif file SHA password cracking miguel . dilaj (Dec 01)
- Re: Netscape Ldap ldif file SHA password cracking Rafał Kupka (Dec 01)
- Re: Netscape Ldap ldif file SHA password cracking m a (Dec 06)
- RE: Netscape Ldap ldif file SHA password cracking David Cross (Dec 09)
- Re: Netscape Ldap ldif file SHA password cracking noconflic (Dec 09)
- RE: Netscape Ldap ldif file SHA password cracking Bénoni MARTIN (Dec 09)