UnrealIRCd Forums

Welcome to the UnrealIRCd Forums!
https://forums.unrealircd.org/

MD5 hash (/mkpasswd)

https://forums.unrealircd.org/viewtopic.php?t=3379

Page 1 of 1

MD5 hash (/mkpasswd)

Posted: Fri Jun 02, 2006 8:56 pm
by JanisB
-irc.server- *** Authentication phrase (method=md5, para=lamepass) is: $uefFGjJ8$2FIIdZ3PuK95++K39zNftw==
-irc.server- *** Authentication phrase (method=md5, para=lamepass) is: $NBdD7saT$aflh9NSYutGvmVv29Q3qOQ==
-irc.server- *** Authentication phrase (method=md5, para=lamepass) is: $K8pTAAME$FLYLNK2/J8KwyrxWb3ZdeA==

Really!?, in my opinion MD5 hash of "lamepass" is "85fce5a77788bb03cbd3fb3d396be023"

Posted: Fri Jun 02, 2006 9:23 pm
by Syzop
We use salted MD5's, this is much more secure than standard MD5 since it prevents know-plaintext-ciphertext attack methods such as rainbowcrack which could crack any a-z{8} password in a few minutes (just as an example).
The salt is random, hence every time different output even if you encrypt the same string (ciphertext is affected by salt as well, hence also different).

Posted: Fri Jun 02, 2006 9:34 pm
by JanisB
OK, so, how i can compare hashes, if /mkpasswd is using ANOTHER salt each time? :)

Posted: Fri Jun 02, 2006 9:40 pm
by Syzop
that's the mystery...

No, seriously, read the code if you really want to know, but.. I don't have time to explain it all :P

Posted: Fri Jun 02, 2006 11:42 pm
by Jason
$K8pTAAME$FLYLNK2/J8KwyrxWb3ZdeA==

That is the result of md5ing boringpass and K8pTAAME (between the $$) together.

To compare, select the part between the $$, and md5 testpass and that salt.


I dont know exactly how to combine them for md5, because I havnt rtfs on this in quite some time.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited