[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4E4A60A2.4070903@linuxasylum.net>
Date: Tue, 16 Aug 2011 14:20:50 +0200
From: Samuele Giovanni Tonon <samu@...uxasylum.net>
To: john-users@...ts.openwall.com
Subject: Re: SSHA Format Hashes for JTR
On 08/16/11 13:26, firstname lastname wrote:
> I would like to know, how to format a given hash into a suitable form which can be understood by JTR to crack SSHA1 hash type?
>
> The format which JTR accepts for Netscape LDAP hashes is:
>
> {SSHA}hash
>
> the hash here seems to be base64 encoded.
>
> The perl scripts included in the JTR package can be used to extract the passwords from LDAP. But I am interested in learning how to convert a hash into this format.
>
> Where can I find more details about how exactly this algorithm is used to hash a given plaintext?
this script should help you understand how ssha works
#!/usr/bin/python
import sys
import hashlib
import base64
import os
def makeSecret(password):
salt = os.urandom(4)
h = hashlib.sha1(password)
h.update(salt)
return base64.encodestring(h.digest() + salt)
def checkPassword(challenge_password, password):
challenge_bytes = decode(challenge_password[6:])
digest = challenge_bytes[:20]
salt = challenge_bytes[20:]
hr = hashlib.sha1(password)
hr.update(salt)
return digest == hr.digest()
fp = file(sys.argv[1],'r')
fw = file(sys.argv[2],'w')
for line in fp.readlines():
mypwd = makeSecret(line.strip('\n'))
print "{SSHA}%s:%s"%(mypwd.strip(),line.strip('\n'))
fp.close()
fw.close()
regards
Samuele
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
