Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 May 2006 10:48:04 -0500 (CDT)
From: "Jonathan Rennie" <jrrennie@...ther.com>
To: john-users@...ts.openwall.com
Subject: Re: unrecognized encryption

create account admin "mickey" encrypted "595E87$tke8rNTAva8Sbwm35ctpI/"

create account admin "minnie" encrypted "nB3T87$w52t8g9q5Wm3sWWxojJDx."

create account admin "donald" encrypted "E74e87$SUB8BXN.Mrc6uFzUXzkMx1"

create account admin "daisie" encrypted "xp.s87$YV0hUcQ8JBjbFV.ZEg22b."

create account admin "daffy" encrypted "CE.897$SW4BA9o87hTYSPnlm8mjM/"

create account admin "goofy" encrypted "P13W97$tBW5aFepUmi2k49T2zkK50"

all of these accounts were created using a password that was the same as
the account name.....

mickey:mickey
minnie:minnie

etc etc etc

Many thanks for all your help......



----- Original Message -----
On Sun, May 14, 2006 at 11:43:35PM +0100, jonathan rennie wrote:
> > I'm trying to recognize the type of encryption used on ExtremeNetworks
> > switches.....
>
> > create account admin "username" encrypted "/64h3c$FQvA67Sp5KOvLlOvT/jF.0"
>
> Please provide the corresponding plaintext password as well - then I
> (and others) will be able to perform some tests.
>
> > username:/64h3c$FQvA67Sp5KOvLlOvT/jF.0
>
> Well, introducing "$1$" before the password hash makes John recognize it
> as a FreeBSD-style MD5-based one - but I would not be surprised if the
> actual hashing method used by these devices has been slightly modified.
>
> > significantly the seventh character is ALWAYS a $, could this $ be a
> > delimiter of some type, perhaps the first six chars are a random key
and the
> > last chars (after the $) are the result of hashing with the random key
(I'm
> > guessing here)
>
> Most likely the 6 characters before the "$" is a salt:
>
>         http://article.gmane.org/gmane.comp.security.openwall.john.user/278
>
> --
> Alexander Peslyak <solar at openwall.com>
> GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D
3598
> http://www.openwall.com - bringing security into open computing
environments
>
> Was I helpful?  Please give your feedback here:
http://rate.affero.net/solar
>
> --
> To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
> to the automated confirmation request that will be sent to you.
>
>
>

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ