Penetration Testing
mailing list archives
RE: get MD5-Hash from /etc/shadow file
From: admin () systemstates net
Date: Mon, 14 Apr 2008 00:37:37 -0700
-------- Original Message --------
Subject: Re: get MD5-Hash from /etc/shadow file
From: "Razi Shaban" <razishaban () gmail com>
Date: Fri, April 11, 2008 7:04 pm
To: security () sesser eu
Cc: pen-test () securityfocus com
It's DES.
It is not DES.
from 'man 3 crypt':
"Glibc Notes
The glibc2 version of this function has the following additional features.
If salt is a character string starting with the three characters
"$1$" followed by at most eight characters, and optionally terminated
by "$", then instead of using the DES machine, the glibc crypt
function uses an MD5-based algorithm, and outputs up to 34 bytes,
namely "$1$<salt>$<encoded>", where "<salt>" stands for the up to 8
characters following "$1$" in the salt, and "<encoded>" is a further 22
characters. The characters in "<salt>" and "<encoded>" are drawn from
the set [a-zA-Z0-9./]. The entire key is significant here (instead of
only the first 8 bytes)."
Most Linux distros have defaulted to MD5 rather than DES-based[1] hashing for
ages now.
cheers,
[1] yeah, DES isn't a hash but it's sort of used as one in crypt().
--
www.systemstates.net - penetration test / IDS / incident response
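
Added example (not part of the original message or of glibc): a small Python audit helper that applies the format rules from the man page excerpt above to tell MD5-based "$1$" entries apart from traditional DES-based crypt() entries. The function names, the 13-character DES layout, the "!" / "*" lock markers and the sample entries are not stated in the thread; they are assumptions or constructed for illustration.

```python
import re

# Character set named in the man page excerpt: [a-zA-Z0-9./]
B64 = r"[a-zA-Z0-9./]"
# "$1$" + at most 8 salt chars + "$" + 22 encoded chars (34 bytes at most)
MD5_CRYPT = re.compile(rf"\$1\$(?P<salt>{B64}{{0,8}})\$(?P<encoded>{B64}{{22}})")
# Assumption (not in the thread): traditional DES crypt() is 2 salt + 11 encoded chars
DES_CRYPT = re.compile(rf"(?P<salt>{B64}{{2}})(?P<encoded>{B64}{{11}})")


def classify_field(field):
    """Return (scheme, salt) for the password field of one shadow entry."""
    if field == "":
        return ("empty", None)
    if field.startswith(("!", "*")):  # locked or no-login marker
        return ("locked", None)
    m = MD5_CRYPT.fullmatch(field)
    if m:
        return ("md5-crypt", m.group("salt"))
    m = DES_CRYPT.fullmatch(field)
    if m:
        return ("des-crypt", m.group("salt"))
    return ("other", None)


def audit_shadow(text):
    """Map each account name to the scheme of its stored password field."""
    report = {}
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) >= 2 and parts[0] and not parts[0].startswith("#"):
            report[parts[0]] = classify_field(parts[1])[0]
    return report


# Constructed sample entries; the hash strings are filler, not real hashes.
SAMPLE = """\
alice:$1$abcdefgh$ABCDEFGHIJKLMNOPQRSTUV:13980:0:99999:7:::
bob:abCDEFGHIJKLM:13980:0:99999:7:::
daemon:*:13980:0:99999:7:::
carol:!$1$abcdefgh$ABCDEFGHIJKLMNOPQRSTUV:13980:0:99999:7:::
"""

if __name__ == "__main__":
    for user, scheme in audit_shadow(SAMPLE).items():
        print(f"{user}: {scheme}")
```

Accounts reported as des-crypt are the ones where only the first 8 bytes of the password are significant, per the man page text quoted above.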