Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 16 Mar 2010 14:15:10 +0100
From: SL <auditor@...chat.de>
To: john-users@...ts.openwall.com
Subject: salted triple-SHA1

Hello Group,

is there a (fairly simple) way to teach john following hashing  
algorithm?

sha1($salt.sha1($salt.sha1($pass)))


Example:
username:password:salt
username:e6240f5404d2c1004aed37a66550a5b1ea60c469:b295d117135a9763da282e 
7dae73a5ca7d3e5b11

salt="b295d117135a9763da282e7dae73a5ca7d3e5b11"
pass="password"
echo -n "$salt$(echo -n "$salt$(echo -n "$pass" | openssl sha1)" |  
openssl sha1)" | openssl sha1

I used "sha1('salt')" as salt, but that doesn't matter.


I was thinking of the new generic MD5 mode, modified to SHA1 (such  
as: username:sha1_gen(1)e6240f5404d2c1004aed37a66550a5b1ea60c469 
$b295d117135a9763da282e7dae73a5ca7d3e5b11), but I'm afraid that's  
beyond my coding skills.

I'd give it a go though, if someone could give me a raw sketch of the  
steps involved.


Anyone?
Thanks in advance!
SL

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.