c - Brute forcing crypt() if salt and password hash are known? -

-

playing through wargames , curious if possible (they want solve in different way, still).

there's .c file function has code looks this:

char buffer[20]; scanf("%s", buffer); char* hash = crypt(buffer, "$6$") char* password = "$6$123456abcdef" #long string  if (strcmp(password, hash) == 0) supersecretfunction();

is there way brute force considering salt , hashed password known already?

unlike original des-based crypt() algorithm used in older unix variants, brute forced relatively modest modern resources, newer unices including gnu/linux flavours use extended encrypted password specification. can recognize if encrypted password (or salt) start "$id$" "id" algorithm identifier, see table below.

"$6$" indicates sha-512 used encryption (well, hashing actually). after second '$' comes salt, '$' , sha-512 of password.

the sha-512 algorithm used decribed in detail here: ftp://ftp.arlut.utexas.edu/pub/java_hashes/sha-crypt.txt

this algorithm involves, default, 5000 rounds of sha-512 encrypting single password. doing brute force attack computationally infeasible moderate length/complexity passwords. dictionary based attack feasible still time consuming shorter, less complex passwords.

for format of password field, see above linked article or summary see http://man7.org/linux/man-pages/man3/crypt.3.html, quoted in part below:

   if salt character string starting characters "$id$"    followed string terminated "$":            $id$salt$encrypted     instead of using des machine, id identifies encryption    method used , determines how rest of password    string interpreted.  following values of id supported:            id  | method           ─────────────────────────────────────────────────────────           1   | md5           2a  | blowfish (not in mainline glibc; added in               | linux distributions)           5   | sha-256 (since glibc 2.7)           6   | sha-512 (since glibc 2.7)     $5$salt$encrypted sha-256 encoded password ,    $6$salt$encrypted sha-512 encoded one.     "salt" stands 16 characters following "$id$" in    salt.  encrypted part of password string actual    computed password.  size of string fixed:     md5     | 22 characters    sha-256 | 43 characters    sha-512 | 86 characters     characters in "salt" , "encrypted" drawn set    [a-za-z0-9./].  in md5 , sha implementations entire key    significant (instead of first 8 bytes in des).

edit: article may of interest: https://www.win.tue.nl/~aeb/linux/hh/hh-4.html


Comments

Post a Comment

Popular posts from this blog

javascript - Laravel datatable invalid JSON response -

-
everything work fine on code below fetch user logs: js: <script> $(document).ready(function () { var table =$('#systemlogs').datatable({ responsive: true, processing: true, serverside: true, "language": { "url": "/datatables/media/plug-in/persian.json" }, ajax: '{!! url('/admin/systemlogs/data/systemlogsdatatable') !!}', columns: [ { data: 'name', name: 'name' }, { data: 'message_text', name: 'message_text' }, { data: 'remote_addr', name: 'remote_addr' }, { data: 'log_created_at', name: 'management_logs.created_at' }, { data: 'log_updated_at', name: 'management_logs.updated_at' }, ] }); }); </script> routes: route::get('/systemlogs/data/systemlogsdatatable','systemlogscontrolle...
Read more

java - Exception in thread "main" org.springframework.context.ApplicationContextException: Unable to start embedded container; -

-
i getting error when run spring application: exception in thread "main" org.springframework.context.applicationcontextexception: unable start embedded container; nested exception org.springframework.context.applicationcontextexception: unable start embeddedwebapplicationcontext due missing embeddedservletcontainerfactory bean. @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.onrefresh(embeddedwebapplicationcontext.java:124) @ org.springframework.context.support.abstractapplicationcontext.refresh(abstractapplicationcontext.java:476) @ org.springframework.boot.context.embedded.embeddedwebapplicationcontext.refresh(embeddedwebapplicationcontext.java:109) @ org.springframework.boot.springapplication.refresh(springapplication.java:691) @ org.springframework.boot.springapplication.run(springapplication.java:320) @ org.springframework.boot.springapplication.run(springapplication.java:952) @ org.springframework.boot.springa...
Read more

sql server 2008 - My Sql Code Get An Error Of Msg 245, Level 16, State 1, Line 1 Conversion failed when converting the varchar value '8:45 AM' to data type int -

-
msg 245, level 16, state 1, line 1 conversion failed when converting varchar value '8:45 am' data type int. script declare @specimenid bigint = 0, @script varchar(max); declare @starttime int = (select convert(int,substring(start_time,0,charindex(':', start_time)) - 12) appt appt._id=112601) --select @starttime set @script = 'select distinct ptlast_name + '', '' + pt.first_name patient_name, dbo.formatdate(pt.dob,''mm/dd/yyyy'') dob, (convert(varchar, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end)) + ''/'' + convert(varchar, (datediff(m, dateadd(yy, (datediff(yy, dob, appt_date) - case when (month(dob) > month(appt_date)) or (month(dob) = month(appt_date) , day(dob) > day(appt_date)) 1 else 0 end), d...
Read more