3

On Ubuntu 12.04 I created several users and passwords, then promptly proceeded to try to crack those passwords with John the ripper. One password is very strong, but the others are in my wordlists.

John is still running, but I've got two cracked so far in about 20 minutes.

Everything I read talks about whether the salt is known or not. Take this hash for example:

john:$6$YiP34XiXdXyh9fZn$JrbLMb.VGncFzEyBlz5YsKUim.UE5JLPvFhfcgAH4lz.usOrh.lic8IrQx0PRMIvIIIK4KnaTs9fiEXwNOLJ1/:1003:1003:John,,,:/

The salt is: 

YiP34XiXdXyh9fZn

, right? I mean, isn't it always known? So a salt really doesn't do anything but protect against using rainbow tables, right?

Also, there is this post:

How long to brute force a salted SHA-512 hash? (salt provided)

According to that, a sha512 essentially cannot be cracked at all unless the password is in a wordlist. That post is about a year old, anyone have any new insights? I'm finding it difficult to find good resources about cracking hashes; all the information out there is about generating hashes and protecting passwords.

Community
  • 1
  • 1
user1616244
  • 269
  • 2
  • 3
  • 8
  • Have you read [Salted Password Hashing - Doing it Right](http://crackstation.net/hashing-security.htm)? It's a very helpful introduction to salting, password cracking, etc. – David Cain Aug 22 '12 at 11:59
  • Excellent suggestion, that was very helpful. So when I read people mention wether or not the salt is known, it is because the salt does have to always be a part of the hash. I'm still curious about brute forcing a sha512; is it possible to do if the password isn't in a wordlist? – user1616244 Aug 22 '12 at 19:50
  • On this: "isn't it always known? So a salt really doesn't do anything but protect against using rainbow tables, right?", the salt is not for the purpose of this but to add a unique key which is unique per password. – mhvvzmak1 May 13 '16 at 00:04

2 Answers2

1

  1. In your example the salt is YiP34XiXdXyh9fZn (base-64 encoded).

  2. Yes, in this case salt protects only against rainbow tables.

  3. SHA512 still secure now. Attacker need a password list.

Mihai Iorga
  • 39,330
  • 16
  • 106
  • 107
Pavel Ognev
  • 962
  • 7
  • 15
1

this post is really old but i want to correct this anyway.
Its not only for rainbow table attack but also for common attacks against whole databases.
an attacker who capture an pw database wouldn't be so dumb and attack every hash separately.
He will attack them all at once.
so he has to calc for example while doing a dictionary attack every hash only one time and can then compare it with all the hashes from the db.
with random salt he has to calc every hash for every pw individually.
this would be slower almost by a factor of the number of hashes.
salted big databases are much harder to attack then plain hash dbs.

Ramon
  • 424
  • 2
  • 9
  • 24