Penetration Testing mailing list archives

Re: Netscape Ldap ldif file SHA password cracking

From: Rafał Kupka <rkupka () wdg pl>
Date: Wed, 01 Dec 2004 19:41:33 +0100

Miguel.dilaj () pharma novartis com wrote:
Hello,

[cut]

My first guess is some kind of Base64 encoding (or similar) of the string 
without the '{SHA}'.
Example:
plaintext:     password
SHA-1:     5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8
Base64 encoding of the above: 
NUJBQTYxRTRDOUI5M0YzRjA2ODIyNTBCNkNGODMzMUI3RUU2OEZEOA==

So you see the similarities, but still no cigar!


It's {SHA1}<base64 encoded binary form of sha1 hash>.

for eg.,
$perl -e 'use Digest::SHA1 qw(sha1); print sha1(@ARGV[0]);' password |
base64-encode
W6ph5Mm5Pz8GgiULbPgzG37mj9g=

Plaintext: password
SHA-1: <binary data>
Base64 of above data: W6ph5Mm5Pz8GgiULbPgzG37mj9g=

Cheers,
-- 
Rafal Kupka <rkupka () wdg pl>

Current thread:

Re: Netscape Ldap ldif file SHA password cracking Anders Thulin (Dec 01)
- <Possible follow-ups>
- Re: Netscape Ldap ldif file SHA password cracking miguel . dilaj (Dec 01)
  - Re: Netscape Ldap ldif file SHA password cracking Rafał Kupka (Dec 01)
- Re: Netscape Ldap ldif file SHA password cracking m a (Dec 06)
  - RE: Netscape Ldap ldif file SHA password cracking David Cross (Dec 09)
- Re: Netscape Ldap ldif file SHA password cracking noconflic (Dec 09)
- RE: Netscape Ldap ldif file SHA password cracking Bénoni MARTIN (Dec 09)