Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

Kind Of Encryption...

  1. Home
  2. Forum
  3. Cryptography
  4. Kind Of Encryption...

ghost's Avatar

ghost

0 0

anon1:$1$0ABI89fK$kWD1ScwvpFouOaNSg8P1U/:13111:0:99999:7:::

Does Anyone Know What Type Of Encryption The Password File There Is?


n3w7yp3's Avatar

n3w7yp3

Member
0 0

Thats a line from a *nix /etc/shadow file. the username is anon. The password hash is $1$0ABI89fK$kWD1ScwvpFouOaNSg8P1U/ . Thats a salted MD5 hash (you can tell because it starts with "$1". dump it into john the ripper. shouldn't take too long to crack, if you havea good CPU.

BTW, I got bored and cracked it. output is below:

[root@localhost run]# ./john -w:/home/n3w7yp3/hacking/tools/labs/crypto/words ~n3w7yp3/hacking/hbh-hash
Loaded 1 password (FreeBSD MD5 [32/32])
guesses: 0  time: 0:00:00:04 3%  c/s: 7743  trying: anabrotic
anonymous        (anon)
guesses: 1  time: 0:00:00:04 100%  c/s: 8919  trying: anonymous
[root@localhost run]#

ghost's Avatar

ghost

0 0

Ok… So Salted MD5, What the difference between a MD5 Hash and the salt? i have a root password in a shadow file, but it's a hard password, and i was wondering if there was any quick way of cracking it… i know john, but this is one of those passwords that would take about 3 month's on a cray to crack … lol


n3w7yp3's Avatar

n3w7yp3

Member
0 0

The salt is a set of characters thats used as an offset to start the permutations.

The difference between a salrted hash and a clean hash are quite obviosu. Consider the following:

[n3w7yp3@localhost crypto]$ ./md5-hash.pl
Usage: ./md5-hash.pl <string>
String is the string to encrypt with MD5.
[n3w7yp3@localhost crypto]$ ./md5-hash.pl n3w7yp3
Encrypting 'n3w7yp3' with MD5...
Your MD5 hexadecimal hash is: e9f5a3b1250837c83e4b9f4bdf0e4714
[n3w7yp3@localhost crypto]$

Thats a clean hash. Now here is a salted:

[n3w7yp3@localhost crypto]$ ./md5-crypt.pl
Usage: ./md5-crypt.pl <plaintext> [salt]
[n3w7yp3@localhost crypto]$ ./md5-crypt.pl n3w7yp3
Plaintext: n3w7yp3
Salt: $1$qtmyahsa$
MD5 hash: $1$qtmyahsa$9bavdbeei8oz3cUhZFFTq1
[n3w7yp3@localhost crypto]$

Thats a salted hash. As you can see they look quite different. Now, I coded this script so that if the salt wasn't provided, it autogenerated one. An MD5 salt is 12 characters organized like:

$1$[a-z][A-Z][0-9]$

whrere the stuff in the middle ([a-z][A-Z][0-9]) are are at most 8 characters, which makes th salt a total of 12 characters. To get a feel for salts, here is the results of me running the md5-crypt.pl script 5 times, each time hashing the string n3w7yp3:

$1$pqgpdidv$MUZSiOkXjMgNAcLJ228pT1
$1$bxkksclo$k1Td/7elI8Iy2nb7nczCk1
$1$sztpyqdd$ZDwi9XyrT5rT4Dc.dFa.Z/
$1$mnjyyrem$wEXVoW4FDbHV1OcIEYw/l/
$1$rvbzpkta$e0ai6s02IdzMksi9ZGlus1

See how a different salt effects the hash?

So, there is no shrotcut to cracking salted MD5.

BTW, how do you know that this is a strong password? Just becasue it didn't crack in the first 5 minuets doesn't mean that its strong…


ghost's Avatar

ghost

0 0

WTF you on about? scratches head and looks confused.


ghost's Avatar

ghost

0 0

root:$1$puLS/iXj$4RUIMPkLWhkKpVAav1Zik/

Ok… Now I Get it that tells me a ton… thank you very much, now, what about the above, can anyone crack that for me?