[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKUSvF8tWLpSDzxCs6pAqOiO4i+MmwqhUuhjwbCtiCfvF1M2gg@mail.gmail.com>
Date: Wed, 22 May 2019 09:34:30 +1000
From: Jason Thomas <jason.e.thomas@...il.com>
To: john-users@...ts.openwall.com
Subject: SSHA256 (32bit hash, 32bit salt)
Hi,
Can someone help me work out how to handle this format in JTR.
I tried dynamic_62 and it did not find any hashes.
Example hash below:
userid:password_hash
9430645:{SSHA256}qtLYMs6YUpOlgtjBFTlDpLZ/V0Or6nHhfEgx5h9W6JfnBP0YqBMlMN2dmp7ARN3GNDmhe2l7nNOxnSvlQN3R8w==
Password is Abcd1234!
I think the issue is the salt is 32bit.
Here's some Perl that I can use to test a single password:
$password_line =
'{SSHA256}qtLYMs6YUpOlgtjBFTlDpLZ/V0Or6nHhfEgx5h9W6JfnBP0YqBMlMN2dmp7ARN3GNDmhe2l7nNOxnSvlQN3R8w==';
$pass_test = 'Abcd1234!';
($hashed_pw, $salt) = unpack("a32 a*", decode_base64($password_line));
$hashed_test = sha256($pass_to_test . $salt);
if ($hashed_pw eq $hashed_test) {
print "Password Correct\n";
}
Any help appreciated.
Thanks.
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
