Penetration Testing mailing list archives
Re: Extreme Networks password hash
From: Peter Kosinar <goober () ksp sk>
Date: Fri, 18 Apr 2008 12:26:39 +0200 (CEST)
Hello Alexander,
--------------------------------------- configure account admin encrypted 452tVo$nEbHpfJFTUGyBrqmtY8q3. 452tVo$nEbHpfJFTUGyBrqmtY8q3. create account user "user" encrypted "yN/tVo$ARBcY8KlQBq.lvJg2nc5F." -------------------------------------- Does anyone know about the kind of hash used, or recognize the ones in the configuration? If you do, would you happen to know any tool that can perform an attack against this kind of hash?
It's MD5, as used by crypt(). Prepend "$1$" to the password, and feed it to your favourite password cracker:
& cat pass test1:$1$452tVo$nEbHpfJFTUGyBrqmtY8q3.::::: test2:$1$yN/tVo$ARBcY8KlQBq.lvJg2nc5F.::::: & ./john pass Loaded 2 password hashes with 2 different salts (FreeBSD MD5 [32/32]) (test1) (test2) guesses: 2 time: 0:00:00:00 100% (2) c/s: 1111 trying: Peter -- [Name] Peter Kosinar [Quote] 2B | ~2B = exp(i*PI) [ICQ] 134813278 ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Extreme Networks password hash Alexander Sandström Krantz A (Apr 17)
- Re: Extreme Networks password hash RB (Apr 18)
- Re: Extreme Networks password hash Marco Ivaldi (Apr 18)
- Re: Extreme Networks password hash Peter Kosinar (Apr 18)
- Re: Extreme Networks password hash Tim (Apr 18)
- DoS Tool Baykal, Adnan (CSCIC) (Apr 23)
- Re: DoS Tool Razi Shaban (Apr 23)
- DoS Tool Baykal, Adnan (CSCIC) (Apr 23)
- RE: Extreme Networks password hash Jean-Paul Eklo (Apr 18)
- Re: Extreme Networks password hash razi garbie (Apr 18)
- RE: Extreme Networks password hash Alexander Sandström Krantz A (Apr 21)