yeah, you know, I did read the man page for crypt...I just didn't get to the bottom. Like, in the notes section, where it says:
"If salt is a character string starting with the three characters "$1$"...then...$1$<salt>$<encoded>"

That makes so much more sense now. These new-fangled systems and their fancy security...the "<2-char salt><hash>" format was simple enough for me to understand, why'd they go and change it? =D (not a serious question...)

Should be ok now that I know that.

On Nov 29, 2007 8:53 AM, David Brown <[EMAIL PROTECTED]> wrote:
> On Thu, Nov 29, 2007 at 08:40:59AM -0800, Brian LaMere wrote:
> >I don't want to try a dictionary attack on a hash, I want to try a
> >*single word*. Of course, there's thousands of hashes I need to
> >check, so I'm looking at perl. Issue is that a certain "default"
> >password has been used where I work for a couple decades, and I need
> >to find what accounts are still using it.
>
> Perhaps something like John the Ripper <http://www.openwall.com/john/>
> could be configured to just use a very small dictionary.
>
> >I've tried Crypt::Cracklib, but GTry doesn't give me the same hash
> >with the salt (first 2 chars still, right?) plus string. I've tried
> >Crypt::PasswdMD5, but again - if I set a password, knowing what it is,
> >then use those two functions to create a hash, the hash isn't the same
> >as what is in the password file. So clearly, either I'm wrong about
> >the salt, or something else is going on. Anyone have suggestions?
>
> For MD5 passwords, there are several fields separated by dollar signs. One
> page suggests that the salt is base-64 encoded, so you would have to decode
> that before giving it to the password attempt. I'm surprised that isn't
> part of the API on the module, though.
>
> The TCL man page suggests that the salt is just the characters between the
> dollar signs (after the $1$ indicating an MD5 password).
>
> Dave
>
> --
> [email protected]
> http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
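Added example, not part of the original thread or written by either poster: a Perl sketch of the single-word audit discussed above, using the point from the crypt man page that the scheme and salt are read from the start of the salt argument, so the whole stored hash can be passed back in. The password `Welcome1`, the account names and the shadow-style sample lines are constructed for illustration, and the script assumes the platform's crypt(3) still supports the schemes involved.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical default password being audited (constructed for this example).
my $default = 'Welcome1';

# Constructed shadow-style sample. The hashes are generated here with crypt()
# so no real values are embedded; '*' is used if the platform rejects a scheme.
my @shadow = (
    'alice:'  . (crypt($default, 'ab') // '*')                   . ':13846:0:99999:7:::',
    'bob:'    . (crypt($default, '$1$Xy7pQ2rs$') // '*')         . ':13846:0:99999:7:::',
    'carol:'  . (crypt('something-else', '$1$k9LmN0aa$') // '*') . ':13846:0:99999:7:::',
    'daemon:*:13846:0:99999:7:::',    # no usable password
    'dave:!!:13846:0:99999:7:::',     # locked account
);

# Name the scheme from the prefix of the stored field.
sub scheme {
    my ($stored) = @_;
    return 'md5-crypt'     if $stored =~ /^\$1\$[^\$]{0,8}\$/;    # $1$<salt>$<encoded>
    return 'other-modular' if $stored =~ /^\$/;                   # other $id$ formats
    return 'des-crypt'     if $stored =~ m{^[./0-9A-Za-z]{13}$};  # <2-char salt><hash>
    return 'locked-or-empty';
}

# crypt(3) takes the scheme and salt from the start of its second argument,
# so hashing the guess against the stored value reproduces it on a match.
sub uses_default {
    my ($guess, $stored) = @_;
    my $out = crypt($guess, $stored);
    return defined $out && $out eq $stored;
}

# Return "user (scheme)" for every account whose hash matches the guess.
sub audit {
    my ($guess, @lines) = @_;
    my @hits;
    for my $line (@lines) {
        my ($user, $stored) = split /:/, $line;
        next unless defined $stored;
        my $kind = scheme($stored);
        next if $kind eq 'locked-or-empty';
        push @hits, "$user ($kind)" if uses_default($guess, $stored);
    }
    return @hits;
}

print "$_\n" for audit($default, @shadow);
```

Because the stored field is handed to crypt() unchanged, no salt extraction or decoding is needed for either the 2-character or the `$1$` format.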
