Penetration Testing mailing list archives
Netscape Ldap ldif file SHA password cracking
From: m a <aznxy () yahoo com>
Date: 30 Nov 2004 03:37:21 -0000
I am trying to crack passwords in an ldif file downloaded using ldapminer. The server seems to be Netscape ldap based on this ldif section: server type is : netscape Netscape Checks enabled I firstly tried using Lumberjack (http://www.phenoelit.de/lj/docu.html) lj -w wordlist.txt -f myldap.ldif -V This is what I got as a result... (c) 1999 by Phenoelit (http://www.phenoelit.de/) Version 0.2.7b 100.00 % making list unique ...done Cleaning ... done Collecting ldif user informations ... 0 users with password found ... Entering wordlist mode ... These are some entries in the ldif file: attribute: authpassword value[0]: {seeGpA7K} attribute: authpassword value[0]: {om7b8U3NJ2E} attribute: userpassword value[0]: {SHA}hEqt9R50vHZ+EheHW+JOJKvNWpw= attribute: userpassword value[0]: {SHA}+A0MoQHpZ7ULcw3fjorKDehejfY= So it seems that it is SHA based encryption at least in the latter entries. I don't have a clue what the differect between authpassword and userpassword is... I tried John the Ripper (http://www.openwall.com//john/) patching with the Netscape diff files and recompiling. I basically put a SHA hash like the above in a txt file and fed into john john -format:SHA hash.txt John still however does not support SHA after the patching so I am not sure what to put in as format. Any ideas would be appreciated as I am really stuck at this point. Thanks in advance.
Current thread:
- Netscape Ldap ldif file SHA password cracking m a (Nov 30)