Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 10 Feb 2013 04:27:52 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: SSHA-512 supported?

Jon -

On Fri, Feb 08, 2013 at 03:24:52PM -0500, Jon Schipp wrote:
> I have a salted SHA-512 hash that I'm having trouble cracking, it's from an
> AIX 5.3 OS, using their Pluggable Authentication Modules.
> The /etc/security/passwd file has account information in stanzas:
> 
> test:
>         password =
> {ssha512}06$aXayEJGxA02Bl4d2$TWfWx34oD.UjrS/Qtco6Ij2XPY1CPYJfdk3CcxEjnMZvQw2p5obHYH7SI2wxcJgaS9.S9Hz948R.GdGwsvR...

Can you run these commands on your AIX and post their output, please?

time perl -e '$p = "{ssha512}04$................"; print crypt("", $p), "\n"; for ($n = 0; $n < 100000; $n++) { $c = crypt($n, $p); print "$n $c\n" if ($c =~ /\.\.\.[^\$]*$/); }'

time perl -e '$p = "{ssha512}06$................"; print crypt("", $p), "\n"; for ($n = 0; $n < 100000; $n++) { $c = crypt($n, $p); print "$n $c\n" if ($c =~ /\.\.\.[^\$]*$/); }'

time perl -e '$p = "\$6\$................"; print crypt("", $p), "\n"; for ($n = 0; $n < 100000; $n++) { $c = crypt($n, $p); print "$n $c\n" if ($c =~ /\.\.\.[^\$]*$/); }'

In case there are any issues with shell escaping here, please run the
commands in bash (I tested the last of the three in bash on Linux).

These commands may take a few minutes to complete (about 6 minutes for
the last command here).

I am interested in both output from the Perl one-liners and the output
from "time" (duration and CPU usage).  If possible, run these under no
or light other load.

I am hoping that AIX's custom algorithm is available via crypt(3) and
thus via Perl's crypt() as well, but I am not sure of that.  If this
fails, we'll have to look for the right function to call...

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.