Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 29 Sep 2011 10:58:30 -0700 (PDT)
From: firstname lastname <psykosonik_frequenz@...oo.com>
To: jfoug <jfoug@....net>,
  "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Apache Server SHA-1 Variant

Thanks. Do you mean that they are the same as SSHA1 hashes?



----- Original Message -----
From: jfoug <jfoug@....net>
To: john-users@...ts.openwall.com; 'firstname lastname' <psykosonik_frequenz@...oo.com>
Cc: 
Sent: Thursday, September 29, 2011 10:20 PM
Subject: RE: [john-users] Apache Server SHA-1 Variant

The {SHA}base64  is handled today by the NSLDAP format.

I have tested the 'test string' from the apache link you provide, and JtR
cracks it just fine.

Jim.

>From: firstname lastname [mailto:psykosonik_frequenz@...oo.com]
>
>Can JTR handle the Apache variant of a SHA1 hash?
>
>{SHA1} + base64 encoded string of SHA1 hash of the password
>
>The PHP implementation = {SHA1} + base64_encode(sha1($password), true)
>
>More details about the hash can be found here:
>
>http://httpd.apache.org/docs/2.2/misc/password_encryptions.html
>
>Regards,
>NeonFlash

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.