comment on

Looking at the data, the first part after the $1$ is in base64, and the rest of it is in hex. The amount of data in the hex string matches the size of an SHA512 digest.

I have a number of examples of the same password being hashed with this function, and the size of the base64 part is always the same, but the value is different. When decoded, the string is exactly 32 bytes long.

I have made the assumption that some random(?) data is being passed to an MD5 function, as this outputs 32 bytes. The $1$ would indicate, I think, that an md5 crypt function is being used to generate the salt, rather than md5 itself.

Following on from this, my assumption is that this function used to return an MD5 hashed password, and has subsequently been upgraded to SHA512, but for whatever reason they didn't change the algorithm number, and didn't use the standard crypt(3) library.

rdfield

In reply to Re^2: password encryption woes by rdfield
in thread password encryption woes by rdfield

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


XP is just a number
	PerlMonks