PaulDotCom mailing list archives
question about password hash
From: rbutturini at epictn.com (Russell Butturini)
Date: Tue, 21 Jul 2009 14:53:38 -0500
This is pure speculation because as John said, there is information missing...But that looks a heck of a lot like a Cisco encrypted hash. From: pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of John Strand Sent: Tuesday, July 21, 2009 7:34 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] question about password hash What is really important is what came before it. For instance. $1$ = MD5 based encoding. There should have been a salt too. It would be very hard to crack without the salt. Was there anything else? What kind of system was it? check out http://en.wikipedia.org/wiki/Crypt_(Unix) <http://console.mxlogic.com/redir/?1ouKMye79CS1NEVjd7bbUUS03-7695pbuxbu0 0UoAlBwB4IJcld50jx8fd59K_nKC-yYYqekn3tPqSJDElCKn8lrxrW0EjVrmPQaPnVsSUed7 apJ5dxVeXVEVoudIfCMnWhEwdbomRIZ2IRPiWq81pLWjBm1EwQxlKpEwmSB35oE6y0DJ2pKv xYY1NJ4SMro76zBcQsECzAQsCOQ17n88-> John On Jul 21, 2009, at 3:36 AM, Security4AT wrote: Hi all, As a now business unit for us, I would like to check customer Notebooks and I would like to demonstrate who many Data are around and how many passwords are still on the machines. Now I found in a config file a password like $SWRDspDrR\DZfw (I changed two char.) and now I would like to know which password type it is. I searched in the Internet for same different password hash types and a handful online sites as http://www.insidepro.com/hashes.php?lang=eng <http://console.mxlogic.com/redir/?b3RS4hMVcSMed7apEVpv76M0kEkAxWQqYLxfq 4_FMh97X0ytY29K_nKC-yYYqekn3tPqSJDElCKn8lrxrW0EjVrmPQaPnVsSUed7apJ5dxVeX VEVoudIfCMnWhEwdbomRIZ2IRPiWq81pLWjBm1EwQxlKpEwmSB35oE6y0DJ2pKvxYY1NJcSM ro76zBcQsECzAQsCOQ17n88-> http://www.hashgenerator.de/ <http://console.mxlogic.com/redir/?m7HI8zxOpJwsqekPhOO-edw0yuQ9AvxYtDmf8 vxK_nKC-yYYqekn3tPqSJDElCKn8lrxrW0EjVrmPQaPnVsSUed7apJ5dxVeXVEVoudIfCMnW hEwdbomRIZ2IRPiWq81pLWjBm1EwQxlKpEwmSB35oE6y0DJ2pKvxYY1NJASMro76zBcQsECz AQsCOQ17n88-> Question: Is there any way to find out which password hash type it is. Regards Michael _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom <http://console.mxlogic.com/redir/?1ouKMye79CS1NEVjd7bbUUS034-mRIZ2IR-nM 12V2kc4RtxxYGjB1SKbqSuxmqVK_nKC-yYYqekn3tPqSJDElCKn8lrxrW0EjVrmPQaPnVsSU ed7apJ5dxVeXVEVoudIfCMnWhEwdbomRIZ2IRPiWq81pLWjBm1EwQxlKpEwmSB35oE6y0DJ2 pKvxYY1NJwSMro76zBcQsECzAQsCOQ17n88-> Main Web Site: http://pauldotcom.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090721/a7ade730/attachment.htm
Current thread:
- question about password hash Security4AT (Jul 21)
- question about password hash christopher.riley at r-it.at (Jul 21)
- question about password hash John Strand (Jul 21)
- question about password hash Russell Butturini (Jul 21)
- <Possible follow-ups>
- question about password hash Security (Jul 22)