Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 May 2006 22:18:58 +0400
From: Solar Designer <>
Subject: Re: unrecognized encryption

On Mon, May 15, 2006 at 10:48:04AM -0500, Jonathan Rennie wrote:
> create account admin "mickey" encrypted "595E87$tke8rNTAva8Sbwm35ctpI/"
> create account admin "goofy" encrypted "P13W97$tBW5aFepUmi2k49T2zkK50"
> all of these accounts were created using a password that was the same as
> the account name.....

Well, they do use the FreeBSD-derived algorithm unmodified.  Here's a
sed one-liner to get your passwords into a format usable by John:

sed -n 's/:/_/g; s/^create account [^"]*"\(.\{1,\}\)" encrypted "\([$./0-9A-Za-z]\{27,31\}\)".*$/\1:$1$\2/p' < extreme-switch-config > passwd

The output from sed is:


and John cracks it like this:

Loaded 6 password hashes with 6 different salts (FreeBSD MD5 [32/32])
daisie           (daisie)
daffy            (daffy)
goofy            (goofy)
donald           (donald)
mickey           (mickey)
minnie           (minnie)
guesses: 6  time: 0:00:00:00 100% (1)  c/s: 42.85  trying: minnie

Alexander Peslyak <solar at>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598 - bringing security into open computing environments

Was I helpful?  Please give your feedback here:

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.