Penetration Testing mailing list archives
RE: get MD5-Hash from /etc/shadow file
From: admin () systemstates net
Date: Mon, 14 Apr 2008 00:37:37 -0700
-------- Original Message --------
Subject: Re: get MD5-Hash from /etc/shadow file
From: "Razi Shaban" <razishaban () gmail com>
Date: Fri, April 11, 2008 7:04 pm
To: security () sesser eu
Cc: pen-test () securityfocus com

It's DES.

It is not DES.

from 'man 3 crypt':

"Glibc Notes
The glibc2 version of this function has the following additional features. If salt is a character string starting with the three characters "$1$" followed by at most eight characters, and optionally terminated by "$", then instead of using the DES machine, the glibc crypt function uses an MD5-based algorithm, and outputs up to 34 bytes, namely "$1$<salt>$<encoded>", where "<salt>" stands for the up to 8 characters following "$1$" in the salt, and "<encoded>" is a further 22 characters. The characters in "<salt>" and "<encoded>" are drawn from the set [a-zA-Z0-9./]. The entire key is significant here (instead of only the first 8 bytes)."

Most Linux distros have defaulted to MD5 rather than DES-based[1] hashing for ages now.

cheers,

[1] yeah, DES isn't a hash but it's sort of used as one in crypt().

--
www.systemstates.net - penetration test / IDS / incident response
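
Added example, not part of the original message: a small audit helper that applies the format rules quoted from the man page to tell which crypt() scheme each shadow password field uses. The 13-character layout for traditional DES-based crypt() and the "!"/"*" lock markers are assumptions beyond the quoted text, and the function names and sample entries are constructed for illustration.

```python
import re

# Character set the man page gives for <salt> and <encoded>.
B64 = r"[a-zA-Z0-9./]"
# "$1$" + at most 8 salt characters + "$" + 22 encoded characters.
MD5_CRYPT = re.compile(rf"\$1\$(?P<salt>{B64}{{0,8}})\$(?P<encoded>{B64}{{22}})")
# Assumption: traditional DES-based crypt() is 2 salt + 11 encoded characters.
DES_CRYPT = re.compile(rf"(?P<salt>{B64}{{2}})(?P<encoded>{B64}{{11}})")


def classify_field(field):
    """Return the scheme name for one shadow password field."""
    if field == "":
        return "empty"
    if field[0] in "!*":  # assumption: common lock / no-login markers
        return "locked"
    if MD5_CRYPT.fullmatch(field):
        return "md5-crypt"
    if field.startswith("$1$"):
        return "malformed-md5-crypt"
    if field.startswith("$"):
        return "other-modular"
    if DES_CRYPT.fullmatch(field):
        return "des-crypt"
    return "unrecognized"


def audit_shadow(text):
    """Map each account in shadow-format text to the scheme of its hash."""
    result = {}
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 2 and parts[0] and not parts[0].startswith("#"):
            result[parts[0]] = classify_field(parts[1])
    return result


# Constructed sample: the hash strings are fillers of the right shape,
# not real digests of any password.
SAMPLE = """\
alice:$1$Xy3.9qLm$AbCdEfGhIjKlMnOpQrStU.:13983:0:99999:7:::
bob:ab0123456789.:13983:0:99999:7:::
daemon:*:13983:0:99999:7:::
carol:$1$toolongsalt9$AbCdEfGhIjKlMnOpQrStU.:13983:0:99999:7:::
"""

if __name__ == "__main__":
    for user, scheme in audit_shadow(SAMPLE).items():
        print(f"{user}: {scheme}")
```

Accounts reported as des-crypt are the ones where only the first 8 bytes of the key are significant, so they are the entries to move to a stronger scheme first.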