I recently needed to figure out the format of the hashes that ITIM uses. Both passwords and answers to challenge questions get stored in this format. Generally, it looks like this:
MD5:ZWFmaXJtdGN1bjl5:mt/Hk05PXfeo/AzjF4P/cA==
The first field is the hash type, in this case, MD5. The second field is the base64-encoded salt, which is 12 random characters of lowercase letters and digits. The third field is the base64-encoded binary hash.
So to check hashes like this on a system with bash and openssl:
echo -n "$(echo Z3Q0emd4MXUwMDkw|openssl base64 -d)school" \
| openssl md5 -binary \
| openssl base64 -e
Or to convert them to a more standard format, suitable for use with, say, John the Ripper:
cat file-with-hashes.txt \
| while IFS=: read TYPE SALT HASH; do
echo -n "\$$(echo -n $TYPE|tr A-Z a-z)\$"
echo $SALT|openssl base64 -d
echo -n "\$"
echo $HASH|openssl base64 -d|xxd -p
done
IBM Tivoli Identity Manager (ITIM) hash format
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment