Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 15 May 2006 03:37:10 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: unrecognized encryption

On Sun, May 14, 2006 at 11:43:35PM +0100, jonathan rennie wrote:
> I'm trying to recognize the type of encryption used on ExtremeNetworks
> switches.....

> create account admin "username" encrypted "/64h3c$FQvA67Sp5KOvLlOvT/jF.0"

Please provide the corresponding plaintext password as well - then I
(and others) will be able to perform some tests.

> username:/64h3c$FQvA67Sp5KOvLlOvT/jF.0

Well, introducing "$1$" before the password hash makes John recognize it
as a FreeBSD-style MD5-based one - but I would not be surprised if the
actual hashing method used by these devices has been slightly modified.
 
> significantly the seventh character is ALWAYS a $, could this $ be a
> delimiter of some type, perhaps the first six chars are a random key and the
> last chars (after the $) are the result of hashing with the random key (I'm
> guessing here) 

Most likely the 6 characters before the "$" is a salt:

	http://article.gmane.org/gmane.comp.security.openwall.john.user/278
 
-- 
Alexander Peslyak <solar at openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ