Re: get MD5-Hash from /etc/shadow file
- From: "Morgan Reed" <morgan.s.reed@xxxxxxxxx>
- Date: Sat, 12 Apr 2008 22:41:50 +1000
On Fri, Apr 11, 2008 at 7:53 AM, markus sesser <security@xxxxxxxxx> wrote:
is it possible to get the md5 hash of shadow password?
root:$1$GXJzVR5J$vS4wC7AW6hV8TvLu6Dtxt.:13979:0:::::
i'm looking not for a tool like john, crack, ...
i want to have a step by step instruction to get the md5 hash.
That is the MD5 hash;
$1 - denotes MD5
$GXJzVR5J - 8 character salt
$vS4wC7AW6hV8TvLu6Dtxt. - actual hash
The $ symbols are field delimiters.
The hash would have been generated by something similar to
crypt("test", "$1$GXJzVR5J") look at 'man 3 crypt' for further
details.
I assume you want to learn how to crack the password?
The only ways you can find the password from the hash are by rainbow
tables or direct brute force, in this case given the 8 character salt
the only real option is brute force, i.e. hash every possibility and
compare the hash to this one;
e.g. Pseudo code
hash("a", "$1$GXJzVR5J")
compare hash
hash("b", "$1$GXJzVR5J")
compare hash
...
hash("aa", "$1$GXJzVR5J")
compare hash
hash("ab", "$1$GXJzVR5J")
compare hash
...
And so on.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- Pen testing techniques
- From: Atif Azim
- get MD5-Hash from /etc/shadow file
- From: markus sesser
- Pen testing techniques
- Prev by Date: Re: donloading jsp for pen-test
- Next by Date: Re: Mac symlink attack techniques?
- Previous by thread: Re: get MD5-Hash from /etc/shadow file
- Next by thread: Re: get MD5-Hash from /etc/shadow file
- Index(es):
Relevant Pages
|
Loading
