Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 27 Aug 2010 10:18:07 +0200
From: fijam 7 <fijam7@...il.com>
To: john-users@...ts.openwall.com
Subject: A puzzling hash from the past

Hello,

I recently analyzed the firmware of a certain discontinued router that
I have and managed to extract a cramfs filesystem. There, I found
/etc/shadow with a strange hash:

user:$1juTFYmn618Y:12086::99999::::

To my understanding, a DES hash should have 13 characters in base64
digits (including the salt). Any ideas why does it start with a '$'?
It appears that the firmware utilized tinylogin 0.80 and uClibc
0.9.26. I had a look at the source but found no clues.

Regards,
JM

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.