2

I have been given a file with user and passwords in the format: $id$salt$hashed.

Where ID stands for the type of encryption and id=1 stands for FreeBSD-style MD5.

There is an example in which I know the password= "alice"

jsmith: $1$kDHTx$WKRXXT1P7UtjvU7CQ9eWs/:10063:0:99999:7:::

So I have done this in Python to check

import hashlib

passw='alice'
salt='kDHTx'

hashed= hashlib.md5(salt+passw).hexdigest()

print('What i get is: '+hashed)
print('What i should: '+'WKRXXT1P7UtjvU7CQ9eWs')

But I dont even get the format correctly:

What i get is: ba359e6dd36371c4dc5c187aac11e0d8
What i should: WKRXXT1P7UtjvU7CQ9eWs

What am I doing wrong? Or even understanding wrong from the begining?

Scott Arciszewski
  • 33,610
  • 16
  • 89
  • 206
19mike95
  • 506
  • 2
  • 4
  • 19
  • Why do you think you should get `WKRXXT1P7UtjvU7CQ9eWs`? The result from python looks correct, because the result has to be hexadecimal (I didn't calculate the hash myself). Maybe that result you provided uses some other encoding. – The Quantum Physicist Nov 21 '18 at 16:13
  • It is the example I have been given, and at least the format of the Hashed should be the same. – 19mike95 Nov 21 '18 at 16:15
  • Just one recommendation: Don't use md5 for hashing because that's vulnerable to gpu and asics attacks. Use something advanced like argon2. Check what I did [here](https://stackoverflow.com/a/49468677/1317944). – The Quantum Physicist Nov 21 '18 at 16:18
  • I am not hashing for security its just an exercise where i have to get as many passwords as possible from the /etc/shadow file. And regarding my initial question, can it be any kind of format issue? – 19mike95 Nov 21 '18 at 16:23
  • [Here](http://code.activestate.com/recipes/325204-passwd-file-compatible-1-md5-crypt/) a solution for you. – kelalaka Nov 21 '18 at 16:25
  • 2
    Note: Neither md5 nor shadow are encryption, and this is not a hexdigest since it has both uppercase and lowercase letters. – Max Nov 21 '18 at 16:37

1 Answers1

5

You need to use the crypt library instead of hashlib.

>>> import crypt
>>> crypt.crypt('alice', crypt.METHOD_MD5)
$1$tlyP8ine$I9F3AiUCIgOjREqbx6WUg0

The salt is generated by the function when you pass in crypt.METHOD_MD5.

To re-create an existing hash, you can pass it in as the second argument:

>>> crypt.crypt('alice', '$1$kDHTx$WKRXXT1P7UtjvU7CQ9eWs/')
$1$kDHTx$WKRXXT1P7UtjvU7CQ9eWs/
Adam
  • 709
  • 4
  • 16
  • 2
    It looks like you can pass the whole $1$... source password as the 'salt' in python 3.x's crypt function to reuse the salt: `Since a few crypt(3) extensions allow different values, with different sizes in the salt, it is recommended to use the full crypted password as salt when checking for a password.` – Max Nov 21 '18 at 16:43
  • Nice, I'll add that to the post – Adam Nov 21 '18 at 16:48
  • By the way, is crypt just for Python 3 or superior? – 19mike95 Nov 21 '18 at 16:59
  • `crypt` was added in Python 2.7 but there were significant improvements from Python 3.3 and onwards. You can check the Python3 documentation on the Python site. – Adam Nov 21 '18 at 17:02
  • And a final doubt, this method works for SHA256($5$), SHA512($6$)... etc? – 19mike95 Nov 21 '18 at 20:45
  • Running `crypt.methods` will return a list of supported hash functions. – Adam Nov 21 '18 at 20:48