Re: Extreme Networks password hash



---------------------------------------
configure account admin encrypted
452tVo$nEbHpfJFTUGyBrqmtY8q3.
452tVo$nEbHpfJFTUGyBrqmtY8q3.
create account user "user" encrypted "yN/tVo$ARBcY8KlQBq.lvJg2nc5F."
--------------------------------------

I don't know of any tools for this specific hash, but if you're trying
to work out the algorithm, there are a few questions that need to be
answered. First off, this looks a lot like base64 encoding, right? But
not quite...

Base64 strings are generally made up of the [A-Za-z0-9/+=] character
set, with '=' being a padding character. Your strings have mysterious
'.' and '$'. Why? I've seen variants of base64 where '/', '+', and/or
'=' are simply translated to another character because these are
inconvenient in the specific context. For instance on your command
line, perhaps '=' and '+' are operators and it's a pain to escape them.
One of your hashes has a '/' so '.' may map to equals or plus.

Now as for your '$', it could also map to equals or plus, but it's quite
the coincidence that the $ appears at the same position in both hashes.
I suspect it's simply a delimiter to separate a salt from the hash. The
padding seems a little wonky, but you could have a base64 encoded salt
of say 32 bits, followed by a hash of perhaps 128 bits. Just depends on
what you think the '.' character is all about. More example hashes
would be helpful here.

good luck,
tim
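
Added example, not part of the original post: a small Python sketch of the format analysis described above, run on the two strings quoted in the message. It goes one step beyond the post by also testing the traditional crypt(3) alphabet (`./0-9A-Za-z`); the set of candidate alphabets and the function names are this example's assumptions.

```python
import string

# Hash strings quoted in the post above.
SAMPLES = ["452tVo$nEbHpfJFTUGyBrqmtY8q3.", "yN/tVo$ARBcY8KlQBq.lvJg2nc5F."]

ALNUM = string.ascii_letters + string.digits
# Candidate 64-symbol alphabets (which ones to try is this example's assumption).
ALPHABETS = {
    "base64": set(ALNUM + "+/"),
    "base64url": set(ALNUM + "-_"),
    "crypt(3)": set(ALNUM + "./"),
}


def analyze(value, delimiter="$"):
    """Split on the suspected delimiter and profile each field."""
    fields = []
    for field in value.split(delimiter):
        # Alphabets that contain every character of this field.
        fits = sorted(n for n, a in ALPHABETS.items() if set(field) <= a)
        fields.append({
            "text": field,
            "chars": len(field),
            "max_bits": 6 * len(field),  # one symbol of a 64-symbol alphabet = 6 bits
            "fits": fits,
        })
    return fields


def shared_delimiter_offset(values, delimiter="$"):
    """Return the delimiter offset if it is the same in every sample, else None."""
    offsets = {v.find(delimiter) for v in values}
    return offsets.pop() if len(offsets) == 1 and -1 not in offsets else None


if __name__ == "__main__":
    print("delimiter offset:", shared_delimiter_offset(SAMPLES))
    for sample in SAMPLES:
        for f in analyze(sample):
            print(f["text"], f["chars"], "chars,", f["max_bits"], "bits max,", f["fits"])
```

On both samples the field after the '$' is 22 symbols long (room for up to 132 bits) and contains '.', so of the alphabets tested only the crypt(3) one covers it.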
