Re: Brute force .htpasswd
From: D V (mysecurite@yahoo.fr)
Date: 11/27/01
- Previous message: Vitaly Osipov: "Re: A tool for crafting ESP packets"
- In reply to: H D Moore: "Re: Brute force .htpasswd"
- Next in thread: Erik Parker: "Re: Brute force .htpasswd"
- Reply: Erik Parker: "Re: Brute force .htpasswd"
Message-ID: <20011127105249.81305.qmail@web14505.mail.yahoo.com>
Date: Tue, 27 Nov 2001 11:52:49 +0100 (CET)
From: D V <mysecurite@yahoo.fr>
Subject: Re: Brute force .htpasswd
To: H D Moore <sflist@digitaloffense.net>, pen-test@securityfocus.com

Hi,

I have received some e-mail from people (thanks to
all of us) telling me to mangle the hashes into a
correct password file format. That is not the problem
for me. I will try to explain.

If you take an MD5 hash from a Unix/Linux box, the hash
begins with $1$ (and I think with $2$ in some
cases), but if you take an MD5 hash from a .htaccess
(or .htpasswd) file used by Apache, it begins with
$apr1$. In this case, John and MD5Crack don't work
(I also tried to force the format with -format:MD5
with john). I tried them on W32 and Linux.

The MD5 hashes are generated with htpasswd.exe (on
W32), a tool provided with Apache.

For example, I have generated an MD5 hash:

test:$apr1$K2......$0afaV4Pb0N8k1udUVBHo./

In this case the password is 'test', but I have no tool
(MD5crack and John don't work) that allows me to
crack this .htpasswd file.

Any help is welcome. Thanks for your help.

Dominique

--- H D Moore <sflist@digitaloffense.net> wrote:
> MDCrack is one of the nicest MD5 brute forcers I have come across. You may
> need to mangle the hashes a little bit to get mdcrack to accept them, but it
> should do the trick. JTR is also very good at cracking md5 hashes, they have
> to be in the correct format for it to recognize them though.
>
> MDCrack:
> http://mdcrack.multimania.com/nsindex2.html
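
Added example, not part of the original message or of Apache's code: Apache's $apr1$ scheme is the MD5-crypt construction with the magic string changed from $1$ to $apr1$, so a tool that keys on the $1$ prefix does not recognise the entry. The sketch below implements that construction to check one known password against an htpasswd line; the function names are assumptions of this example.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
PAGE_LINE = "test:$apr1$K2......$0afaV4Pb0N8k1udUVBHo./"  # entry quoted in the message

def md5_crypt(password: bytes, salt: bytes, magic: bytes) -> str:
    """MD5-crypt core; magic is b"$1$" (Unix crypt) or b"$apr1$" (Apache)."""
    salt = salt[:8]
    ctx = hashlib.md5(password + magic + salt)
    alt = hashlib.md5(password + salt + password).digest()
    for n in range(len(password), 0, -16):  # alternate digest, cut to password length
        ctx.update(alt[:min(16, n)])
    n = len(password)
    while n:
        # One byte per bit of the length: NUL if the bit is set, else first password byte.
        ctx.update(b"\0" if n & 1 else password[:1])
        n >>= 1
    final = ctx.digest()
    for i in range(1000):  # fixed round count, not tunable
        r = hashlib.md5(password if i & 1 else final)
        if i % 3:
            r.update(salt)
        if i % 7:
            r.update(password)
        r.update(final if i & 1 else password)
        final = r.digest()
    out = []  # crypt-style base64: permuted byte triples, low 6 bits first
    for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        v = final[a] << 16 | final[b] << 8 | final[c]
        out += [ITOA64[v >> s & 0x3F] for s in (0, 6, 12, 18)]
    out += [ITOA64[final[11] & 0x3F], ITOA64[final[11] >> 6]]
    return f"{magic.decode()}{salt.decode()}${''.join(out)}"

def verify_htpasswd_line(line: str, candidate: str) -> bool:
    """Check one candidate password against a user:hash line ($apr1$ or $1$)."""
    _, _, stored = line.strip().partition(":")
    for magic in ("$apr1$", "$1$"):
        if stored.startswith(magic):
            salt = stored[len(magic):].split("$", 1)[0]
            computed = md5_crypt(candidate.encode(), salt.encode(), magic.encode())
            return hmac.compare_digest(computed, stored)
    raise ValueError("not an MD5-crypt entry")

if __name__ == "__main__":
    print("apr1 form:", md5_crypt(b"test", b"K2......", b"$apr1$"))
    print("$1$  form:", md5_crypt(b"test", b"K2......", b"$1$"))
    print("message entry verifies as 'test':", verify_htpasswd_line(PAGE_LINE, "test"))
```

The same password and salt give different digests under the two magic strings, so rewriting the prefix of an $apr1$ entry to $1$ does not make it verify.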