Hash
From Linuxmemo.
Ubuntu password storage
$1 = MD5 hashing algorithm
$2 = Blowfish algorithm is in use
$2a = eksblowfish algorithm
$5 = SHA-256 algorithm
$6 = SHA-512 algorithm
https://en.wikipedia.org/wiki/Crypt_(C)
$5$salt$encrypted is an SHA-256 encoded password. $6$salt$encrypted is an SHA-512 encoded one.
How to generate a shadow style password hash?
[root@localhost ~]# openssl passwd -1 redhat123
$1$jp5rCMS4$mhvf4utonDubW5M00z0Ow0
sha1pass - Create a SHA1 password hash
sha1pass [PASSWORD] [SALT]
Format
http://openwall.info/wiki/john/hash-formats
<hash>
When only the hash is present, JtR will output "?" as the username when showing and/or cracking.
<username>:<hash>
(This is a basic/generic format)
<username>:<hash>:<uid>:<gid>:<GECOS>:<directory>:<shell>
(This is a typical *nix "unshadowed" format)
<username>:<uid>:<LM-hash>:<NTLM-hash>:<comment>:<homedir>:
(This is a PWDump format)
???
MD5: hashed password using the MD5 hash algorithm
SMD5: MD5 with salt
SHA: hashed password using the SHA-1 hash algorithm
SSHA: SHA-1 with salt
Tools
- online
http://www.lorem-ipsum.co.uk/hasher.php
- command to generate Unix-like (shadow) password hashes
mkpasswd --method=help
Méthodes disponibles :
des standard 56 bit DES-based crypt(3)
md5 MD5
sha-256 SHA-256
sha-512 SHA-512
mkpasswd --method=sha-512 --salt=ilgneZZz MotDePass
$6$ilgneZZz$3F0CFqdnusWgqidMGk0.7n7nGjjSyDLUXnY3/qYWKYlOhygJx05JuxmK6xTrCgeBP/CLZYOZ3F2Jc5TZ9w.XJ/
If you don't provide mkpasswd with a salt it will automatically generate a random salt.
Tips
- compare two hashes
if [ "$hash1" = "$hash2" ]; then echo same; fi
Convert a hexadecimal string to ASCII
$ echo 6d656d6f2d6c696e75782e636f6d0a | xxd -r -p
memo-linux.com
Convert an ASCII string to hexadecimal
$ echo memo-linux.com | xxd -p
6d656d6f2d6c696e75782e636f6d0a
See hashid
LDAP
Base64Encode(SHA1(salt+password)+salt)
So inside that Base64 value you have both the hash and salt.
With SSHA, normally the salt is appended to the SHA1 hash and then the whole thing is Base64 encoded (I've never seen an LDAP that didn't do SSHA this way). You should be able to tell this by looking at the userPassword attribute. If it's 28 characters long with a = at the end, it's only the hash.
If the Base64 value is 32 characters long or greater, it contains both the hash and the salt. Base64 decode the value and strip off the first 20 bytes; this is the SHA1 hash. The remaining bytes are the salt.
Example: Base64 encoded hash with salt
userPassword: {SSHA}MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0

Base64 decoded value
     SHA1 Hash      Salt
--------------------++++
123456789012345678901234
echo "e3NzaGF9NTIyZXI0Y2FoRitvWVIzS1JtYUpFYUhUWXFYZzJKZEV3SUN5VlE9PQ=="| base64 -d
{ssha}522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ==
echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | hexdump
0000000 3235 6532 3472 6163 4668 6f2b 5259 4b33
0000010 6d52 4a61 6145 5448 7159 6758 4a32 4564
0000020 4977 7943 5156
0000026

# SHA-1: 160 bits, i.e. 20 bytes
# Cut off the first 20 bytes (hash+salt)
echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | cut -b 20-
JEaHTYqXg2JdEwICyVQ
or
echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | xxd -b -l+20
or
echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | xxd -l+20
or
echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | xxd -l+20 -ps
#cool
echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | xxd -l+20 -ps -c 1 # this is the hash+salt
echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | xxd -s 18 # this is the salt

➜ ~ echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | xxd -g1 -l+20
00000000: 35 32 32 65 72 34 63 61 68 46 2b 6f 59 52 33 4b  522er4cahF+oYR3K
00000010: 52 6d 61 4a                                      RmaJ
➜ ~ echo -n "522er4cahF+oYR3KRmaJEaHTYqXg2JdEwICyVQ" | xxd -g1 -s18
00000012: 61 4a 45 61 48 54 59 71 58 67 32 4a 64 45 77 49  aJEaHTYqXg2JdEwI
00000022: 43 79 56 51                                      CyVQ
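The 20-byte split described in this section, applied to the Base64-decoded bytes, as an added Python example that is not part of the original page: it parses the two userPassword values quoted above and checks a candidate password against an {SSHA} value. The function names, the sample password and salt, and the `salt_first` switch are assumptions of the example; the default order (password, then salt) is the one OpenLDAP uses, and `salt_first=True` follows the formula as it is written above.

```python
# Added example: function names and the salt_first switch are this example's own.
import base64
import hashlib
import hmac

SHA1_LEN = 20  # a SHA-1 digest is 160 bits = 20 bytes


def split_ssha(value):
    """Split a '{SSHA}<base64>' userPassword value into (digest, salt) bytes."""
    scheme, sep, b64 = value.strip().partition("}")
    if not sep or scheme.upper() != "{SSHA":
        raise ValueError("not an {SSHA} value")
    # The split is done on the decoded bytes, never on the Base64 text.
    raw = base64.b64decode(b64 + "=" * (-len(b64) % 4), validate=True)
    if len(raw) < SHA1_LEN:
        raise ValueError("decoded value is shorter than a SHA-1 digest")
    return raw[:SHA1_LEN], raw[SHA1_LEN:]  # empty salt means hash only


def from_ldif(b64_attr):
    """Undo the extra Base64 layer LDIF adds ('userPassword:: <base64>')."""
    return base64.b64decode(b64_attr, validate=True).decode("ascii")


def make_ssha(password, salt, salt_first=False):
    """Build an {SSHA} value from password and salt bytes."""
    data = salt + password if salt_first else password + salt
    return "{SSHA}" + base64.b64encode(hashlib.sha1(data).digest() + salt).decode()


def check_ssha(value, password, salt_first=False):
    """Constant-time check of a candidate password against an {SSHA} value."""
    digest, salt = split_ssha(value)
    data = salt + password if salt_first else password + salt
    return hmac.compare_digest(hashlib.sha1(data).digest(), digest)


if __name__ == "__main__":
    # The two encoded values are quoted from this page.
    print(split_ssha("{SSHA}MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0"))
    ldif = "e3NzaGF9NTIyZXI0Y2FoRitvWVIzS1JtYUpFYUhUWXFYZzJKZEV3SUN5VlE9PQ=="
    digest, salt = split_ssha(from_ldif(ldif))
    print(digest.hex(), salt.hex())
    stored = make_ssha(b"MotDePass", b"\x01\x02\x03\x04")  # constructed sample
    print(check_ssha(stored, b"MotDePass"), check_ssha(stored, b"wrong"))
```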