On 1/16/06, Roman Medina-Heigl Hernandez <[EMAIL PROTECTED]> wrote:
Well, according to the FAQ (http://blogs.sun.com/roller/resources/raja/ldap-psd.html), it's just some simple encryption:
" 5.6. What is NS1 format?? How is the NS1 format converted/used to
authenticate against the userPassword in CRYPT format in the LDAP server?
The Native LDAP client library (libsldap) uses an internal and simple
algorithm to encrypt (and tag) the proxyagent password so that it
would not be stored in /var/ldap/ldap_client_cred in plaintext.
The NS1 encrypted password will be decrypted by the libsldap library
before authenticating the proxy agent to the LDAP server. From the
server perspective, it receives and process the plaintext password to
match the crypt userPassword as usual."
The libsldap library obviously can decrypt this, so it should be easy to write a tool which will do this (once you know how encryption/decryption works). But, from the text above, it's pretty clear that this is not a one way function.
Cheers,
Bojan
Hi,
I've been told that Solaris' NS_LDAP_BINDPASSWD could be decrypted. For
instance:
$ ldapclient -l
NS_LDAP_FILE_VERSION= 1.0
NS_LDAP_BINDDN=
cn=proxyagent,ou=profile,dc=blr03-01,dc=india,dc=sun,dc=com
NS_LDAP_BINDPASSWD= {NS1}3d1a48xxxxxxxxx
...
The pass is {NS1}3d1a48xxxxxxxxx. Is it really possible to decode it and
get the plaintext password? I couldn't find any useful info about
decoding NS1 passwords.
Well, according to the FAQ (http://blogs.sun.com/roller/resources/raja/ldap-psd.html), it's just some simple encryption:
" 5.6. What is NS1 format?? How is the NS1 format converted/used to
authenticate against the userPassword in CRYPT format in the LDAP server?
The Native LDAP client library (libsldap) uses an internal and simple
algorithm to encrypt (and tag) the proxyagent password so that it
would not be stored in /var/ldap/ldap_client_cred in plaintext.
The NS1 encrypted password will be decrypted by the libsldap library
before authenticating the proxy agent to the LDAP server. From the
server perspective, it receives and process the plaintext password to
match the crypt userPassword as usual."
The libsldap library obviously can decrypt this, so it should be easy to write a tool which will do this (once you know how encryption/decryption works). But, from the text above, it's pretty clear that this is not a one way function.
Cheers,
Bojan
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
