RE: Extreme Networks password hash
- From: Jean-Paul Eklo <kuneklo@xxxxxxxxxxx>
- Date: Fri, 18 Apr 2008 14:22:48 +0200
-
---------------------------------------
configure account admin encrypted
452tVo$nEbHpfJFTUGyBrqmtY8q3.
452tVo$nEbHpfJFTUGyBrqmtY8q3.
create account user "user" encrypted "yN/tVo$ARBcY8KlQBq.lvJg2nc5F."
--------------------------------------
As these commands contain different hashes, even though both users are given
emtpy passwords, I guess the hash is salted. From the length I also guess that
it's SHA224, but that is a complete guess as I really have no idea.
Does anyone know about the kind of hash used, or recognize the ones in the
configuration? If you do, would you happen to know any tool that can perform
an attack against this kind of hash?
Cheers,
Alexander
Hi Alexander,
Using the openssl command
openssl passwd -1 -salt 452tVo
I got the result :
$1$452tVo$nEbHpfJFTUGyBrqmtY8q3. . I used 452tVo as salt and an MD5 hash.
Just for info for the user's password :
openssl passwd -1 -salt yN/tVo
Password:
$1$yN/tVo$ARBcY8KlQBq.lvJg2nc5F.
HTH
Jean-Paul
_________________________________________________________________
Avec Hotmail, vos e-mails vous suivent partout ! Mettez Hotmail sur votre mobile !
http://www.messengersurvotremobile.com/?d=hotmail
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- Extreme Networks password hash
- From: Alexander Sandström Krantz A
- Extreme Networks password hash
- Prev by Date: Re: Forms D2K Application Testing
- Next by Date: Re: Extreme Networks password hash
- Previous by thread: Re: DoS Tool
- Next by thread: Re: Extreme Networks password hash
- Index(es):
Relevant Pages
|
|
