Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Extreme Networks password hash

from [Alexander Sandström Krantz A] Network Security [Permanent Link]
Subject: RE: Extreme Networks password hash
Date: Mon, 21 Apr 2008 08:51:19 +0200 
Thank you for all your help, it's appreciated!

Adding $1$ to the hashes before running JtR works perfect, just didn't know
that you had to do that (but I should probably have been able to guess that
by looking at /etc/shadow or such).

Cheers,
Alexander

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of razi garbie
Sent: den 18 april 2008 08:44
To: Alexander Sandström Krantz A
Cc: pen-test@securityfocus.com
Subject: Re: Extreme Networks password hash

Hey,

I do recognize the hash but cant point out which it is..
However, you could try john the ripper against it, in most cases JTR tells
you what hash is used.

// Good luck, RG

2008/4/17, Alexander Sandström Krantz A
<alexander.a.sandstrom.krantz@ericsson.com>:

Hi!
 I'm interested in finding out what kind of hash Extremeware (v 7.7) 
uses to  encrypt user passwords. The reason is that I'm trying to find 
out how to  perform a (dictionary or bruteforce) password attack 
against an Extreme  Networks switch. I could use Medusa or THC-Hydra 
to perform a remote attack,  but I would like to avoid it if it's not 
necessary because of the performance  drawbacks.

 I've read through the documentation provided by Extreme, but found 
nothing. I  know that to set up the admin account with an empty 
password, and create an  account "user", also with an empty password, 
the following configuration is
 used:

 ---------------------------------------
 configure account admin encrypted
 452tVo$nEbHpfJFTUGyBrqmtY8q3.
 452tVo$nEbHpfJFTUGyBrqmtY8q3.
 create account user "user" encrypted "yN/tVo$ARBcY8KlQBq.lvJg2nc5F."
 --------------------------------------

 As these commands contain different hashes, even though both users 
are given  emtpy passwords, I guess the hash is salted. From the 
length I also guess that  it's SHA224, but that is a complete guess as I

really have no idea.


 Does anyone know about the kind of hash used, or recognize the ones 
in the  configuration? If you do, would you happen to know any tool 
that can perform  an attack against this kind of hash?

 Cheers,

Alexander




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Tutorial on Wireless packet sniffing, Michael Painter
Next by Date:  Metagoofil v1.4 released, Christian Martorella
Previous by Thread:  Re: Extreme Networks password hash, razi garbie
Next by Thread:  creating fake APs, bLiTz
Indexes:  [Date] [Thread] [Top] [All Lists]