Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 26 May 2019 15:44:40 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: SSHA256 (32bit hash, 32bit salt)

Hi Jason,

On Wed, May 22, 2019 at 09:34:30AM +1000, Jason Thomas wrote:
> Can someone help me work out how to handle this format in JTR.
> 
> I tried dynamic_62 and it did not find any hashes.

You can in fact use dynamic_62 for this, but you need to re-encode the
hashes for it, see below:

> Example hash below:
> userid:password_hash
> 9430645:{SSHA256}qtLYMs6YUpOlgtjBFTlDpLZ/V0Or6nHhfEgx5h9W6JfnBP0YqBMlMN2dmp7ARN3GNDmhe2l7nNOxnSvlQN3R8w==
> 
> Password is Abcd1234!

$ cat decode_ssha256.pl
#!/usr/bin/perl

use MIME::Base64;

while (<>) {
	chomp;
	($user, $delim, $pass) = /^([^:]*)(:)([^:]*)$/;
	$pass = $_ if (!defined($pass));
	($bin_hash, $bin_salt) = unpack('a32 a*', decode_base64($pass));
	$new = '$dynamic_62$' . unpack('H*', $bin_hash) . '$HEX$' . unpack('H*', $bin_salt);
	if (defined($user)) {
		print "$user:$new\n";
	} else {
		print "$new\n";
	}
}
$ cat pw
9430645:qtLYMs6YUpOlgtjBFTlDpLZ/V0Or6nHhfEgx5h9W6JfnBP0YqBMlMN2dmp7ARN3GNDmhe2l7nNOxnSvlQN3R8w==
$ ./decode_ssha256.pl < pw > pwd
$ cat pwd
9430645:$dynamic_62$aad2d832ce985293a582d8c1153943a4b67f5743abea71e17c4831e61f56e897$HEX$e704fd18a8132530dd9d9a9ec044ddc63439a17b697b9cd3b19d2be540ddd1f3
$ cat w
Abcd1234!
$ ./john -w=w -form=dynamic_62 pwd
Using default input encoding: UTF-8
Loaded 1 password hash (dynamic_62 [sha256($p.$s) 128/128 AVX 4x])
Warning: no OpenMP support for this hash type, consider --fork=32
Press 'q' or Ctrl-C to abort, almost any other key for status
Warning: Only 1 candidate left, minimum 24 needed for performance.
Abcd1234!        (9430645)
1g 0:00:00:00 DONE (2019-05-26 15:37) 5.263g/s 5.263p/s 5.263c/s 5.263C/s Abcd1234!
Use the "--show --format=dynamic_62" options to display all of the cracked passwords reliably
Session completed
$ ./john --show --format=dynamic_62 pwd
9430645:Abcd1234!

1 password hash cracked, 0 left

> I think the issue is the salt is 32bit.

It's actually 32 bytes, or 256-bit.

What kind of system did this hash come from?  Should we add better
support for it to JtR, so that the re-encoding would be unnecessary?

I notice we have support for hashes tagged {SSHA} and {SSHA512}, but
currently not for {SSHA256}.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.