---------------------------------------
configure account admin encrypted
452tVo$nEbHpfJFTUGyBrqmtY8q3.
452tVo$nEbHpfJFTUGyBrqmtY8q3.
create account user "user" encrypted "yN/tVo$ARBcY8KlQBq.lvJg2nc5F."
--------------------------------------
I don't know of any tools for this specific hash, but if you're trying
to work out the algorithm, there's a few questions that need answered.
First off, this looks a lot like base64 encoding right? But not
quite...
Base64 strings are generally made up of the [A-Za-z0-9/+=] character
set, with '=' being a padding character. Your strings have mysterious
'.' and '$'. Why? I've seen variants of base64 where '/', '+', and/or
'=' are simply translated to another character because these are
inconvenient in the specific context. For instance on your command
line, perhaps '=' and '+' are operators and it's a pain to escape them.
One of your hashes has a '/' so '.' may map to equals or plus.
Now as for your '$', it could also map to equals or plus, but it's quite
the coincidence that the $ appears at the same position in both hashes.
I suspect it's simply a delimiter to separate a salt from the hash. The
padding seems a little wonky, but you could have a base64 encoded salt
of say 32 bits, followed by a hash of perhaps 128 bits. Just depends on
how what you think the '.' character is all about. More example hashes
would be helpful here.
good luck,
tim
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
