RE: Netscape Ldap ldif file SHA password cracking

From: Bénoni MARTIN (Benoni.MARTIN_at_libertis.ga)
Date: 12/09/04

    Date: Thu, 9 Dec 2004 16:42:37 +0100
    To: "noconflic" <nocon@texas-shooters.com>, "m a" <aznxy@yahoo.com>
    
    

    Hi !

    In that case, you also have such a tool that comes with the Apache distribution, a tool called htpass or htaccess (I think it's the first one). It allows you to encrypt with MD5 or SHA.

    -----Original Message-----
    From: noconflic [mailto:nocon@texas-shooters.com]
    Sent: Wednesday, December 8, 2004 04:48
    To: m a
    Cc: pen-test@securityfocus.com
    Subject: Re: Netscape Ldap ldif file SHA password cracking

      I did some googling around and found this

       http://tinyurl.com/6vyw8

       From that page

      [...]

       SOFTWARE
       'pwdhash' is a command-line program to generate or check userPassword values. This program is
       included with Netscape Directory Server; you'll find it in NSHOME/bin/slapd/server. For example,
        to digest passwords:

    % cd $NSHOME/bin/slapd/server
    % ./pwdhash -s SHA abc abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq
    {SHA}qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
    {SHA}hJg+RBw70m66rkqh+VEp5eVGcPE=

    Or, to check passwords:

    % ./pwdhash -c '{SHA}qZk+NkcGgWq6PiVxeFDCbJzQ2J0=' abc
    ./pwdhash: password ok.
    % echo $status
    0
    % ./pwdhash -c '{SHA}QZk+NkcGgWq6PiVxeFDCbJzQ2J0=' abc
    ./pwdhash: password does not match.
    % echo $status
    1

      [...]

       Though I haven't tested this, I think it would be easy enough to write a small BF script in conjunction with
       'pwdhash -c' and a wordlist. It may not be a totally practical solution to your problem
       but may get you to where you need to go. ;)

      
    Just my 2 cents.

    - nocon
        

     
        
    [aznxy@yahoo.com] Tue, Nov 30, 2004 at 03:37:21AM -0000 wrote:
    >
    >
    > I am trying to crack passwords in an ldif file downloaded using ldapminer. The server seems to be Netscape ldap based on this ldif section:
    >
    > server type is : netscape
    > Netscape Checks enabled
    >
    > I firstly tried using Lumberjack
    > (http://www.phenoelit.de/lj/docu.html)
    >
    > lj -w wordlist.txt -f myldap.ldif -V
    >
    > This is what I got as a result...
    >
    > (c) 1999 by Phenoelit (http://www.phenoelit.de/)
    > Version 0.2.7b
    > 100.00 %
    > making list unique ...done
    > Cleaning ... done
    > Collecting ldif user informations ...
    > 0 users with password found ...
    > Entering wordlist mode ...
    >
    > These are some entries in the ldif file:
    >
    > attribute: authpassword
    > value[0]: {seeGpA7K}
    >
    > attribute: authpassword
    > value[0]: {om7b8U3NJ2E}
    >
    > attribute: userpassword
    > value[0]: {SHA}hEqt9R50vHZ+EheHW+JOJKvNWpw=
    >
    > attribute: userpassword
    > value[0]: {SHA}+A0MoQHpZ7ULcw3fjorKDehejfY=
    >
    > So it seems that it is SHA based encryption at least in the latter entries. I don't have a clue what the difference between authpassword and userpassword is...
    > I tried John the Ripper (http://www.openwall.com//john/) patching with
    > the Netscape diff files and recompiling. I basically put a SHA hash
    > like the above in a txt file and fed into john
    >
    > john -format:SHA hash.txt
    >
    > John still however does not support SHA after the patching so I am not sure what to put in as format.
    >
    > Any ideas would be appreciated as I am really stuck at this point.
    >
    > Thanks in advance.
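
The `{SHA}` values in this thread are the base64 encoding of a raw, unsalted SHA-1 digest, which is why the same password always produces the same string. The Python below is an added example, not code from the original messages or from Netscape's `pwdhash`: it reproduces the `pwdhash -s SHA` and `-c` results quoted above and flags `{SHA}` entries in a dump laid out like the one in the question. The function names, the UTF-8 password encoding and the sample dump are assumptions made for illustration.

```python
import base64
import binascii
import hashlib
import hmac
import re

# "{SCHEME}base64"; a value such as "{opaqueExample1}" has no data part and does not match.
_VALUE_RE = re.compile(r"^\{([A-Za-z0-9-]+)\}([A-Za-z0-9+/]+=*)$")

# Constructed sample in the dump layout shown in the question (not data from the thread).
SAMPLE_DUMP = """\
attribute: authpassword
value[0]: {opaqueExample1}

attribute: userpassword
value[0]: {SHA}qZk+NkcGgWq6PiVxeFDCbJzQ2J0=
"""

def sha_userpassword(password):
    """Like `pwdhash -s SHA`: base64 of the raw, unsalted SHA-1 digest."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()  # UTF-8 is an assumption
    return "{SHA}" + base64.b64encode(digest).decode("ascii")

def check_userpassword(stored, password):
    """Like `pwdhash -c`, for {SHA} values only; True when the password matches."""
    m = _VALUE_RE.match(stored)
    if not m or m.group(1).upper() != "SHA":
        raise ValueError("not a {SHA} userPassword value")
    try:
        want = base64.b64decode(m.group(2), validate=True)
    except binascii.Error as exc:
        raise ValueError("malformed base64 in stored value") from exc
    if len(want) != 20:  # SHA-1 digests are always 20 bytes
        raise ValueError("digest is not 20 bytes, so this is not plain SHA-1")
    got = hashlib.sha1(password.encode("utf-8")).digest()
    return hmac.compare_digest(got, want)

def audit_dump(text):
    """Return (attribute, scheme or None, is_unsalted_sha) for each value in the dump."""
    findings, attr = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("attribute:"):
            attr = line.split(":", 1)[1].strip()
        elif line.startswith("value[") and attr:
            m = _VALUE_RE.match(line.split(":", 1)[1].strip())
            scheme = m.group(1).upper() if m else None
            findings.append((attr, scheme, scheme == "SHA"))
    return findings
```

Entries that `audit_dump` marks as unsalted `{SHA}` are the ones to migrate to a salted storage scheme with a forced password change.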

