.

help with a hash

<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 570

Joined: Sat Apr 17, 2010 12:12 pm

Post Wed Jun 08, 2011 2:54 am

help with a hash

Hello All,

recently I came across a few new tools in my search for knowledge and one of them is the IDS distro Security Onion. Now I wont go over the situation at this time, but long story short, I needed access to the root account. During install you create a user account and according to the project documentation the root password is blank. I found that not to be true.

So I booted from the install media and entered debug mode which allowed me to login as an account that doesnt exist on the install version (the securityonion account referred to in the documentation...) IAC I was able to sudo cat the /etc/shadow file and send it to my linux VM with John on it.

Again, to keep this short, John did not seem to detect this hash, and online hash programs seem to have issue with it as well. I have two questions for you super hackers, 1. what kind of has is this, and 2. what is the password?

FYI, before anyone says anything, I figured out that my user account has suo and changed the password, so there is no risk of disclosure... as long as everyone using this distro changed the default password...

root:$6$AlvPANXN$U01UG4dM95nb/tAdSZe0bFxOuT0E9PX2SgxI2GLWp5QQJHTvxzpDhtW4nk4XZqLozPKzTj13jM1elzfdPV0M71
sectestanalysis.blogspot.com/‎
<<

Data_Raid

User avatar

Full Member
Full Member

Posts: 165

Joined: Fri Nov 09, 2007 5:55 am

Post Wed Jun 08, 2011 4:03 am

Re: help with a hash

That password is a SHA-512 hash, starts with $6$ (86 characters)
Extra info: SHA-256 hashes start with $5$ (43 Characters)
MD5 hashes start with $1$ (22 characters)
Blowfish hashes start with $2$ or $2a$ (depending on the variant used)

I'll work on the password hash and let you know if I crack it  ;)
All men by nature desire knowledge.

Aristotle
<<

hell_razor

User avatar

Jr. Member
Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Wed Jun 08, 2011 9:51 am

Re: help with a hash

You may not need access to *that* root password.

sudo -s
type in your user password.

Should give you a root prompt.

Then you can

passwd root

to change the password.  I have not played with that distro yet, but should work.
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software