Netscape Ldap ldif file SHA password cracking

From: m a (aznxy@yahoo.com)
Date: Mon Nov 29 2004 - 22:37:21 EST


I am trying to crack passwords in an ldif file downloaded using ldapminer. The server seems to be Netscape ldap based on this ldif section:

    server type is : netscape
    Netscape Checks enabled

I first tried using Lumberjack (http://www.phenoelit.de/lj/docu.html)

    lj -w wordlist.txt -f myldap.ldif -V

This is what I got as a result...

    (c) 1999 by Phenoelit (http://www.phenoelit.de/)
    Version 0.2.7b
    100.00 %
    making list unique ...done
    Cleaning ... done
    Collecting ldif user informations ...
    0 users with password found ...
    Entering wordlist mode ...

These are some entries in the ldif file:

        attribute: authpassword
                value[0]: {seeGpA7K}

        attribute: authpassword
                value[0]: {om7b8U3NJ2E}

        attribute: userpassword
                value[0]: {SHA}hEqt9R50vHZ+EheHW+JOJKvNWpw=

        attribute: userpassword
                value[0]: {SHA}+A0MoQHpZ7ULcw3fjorKDehejfY=

So it seems that it is SHA-based encryption, at least in the latter entries. I don't have a clue what the difference between authpassword and userpassword is...
I tried John the Ripper (http://www.openwall.com//john/), patching with the Netscape diff files and recompiling. I basically put a SHA hash like the above in a txt file and fed it into john

     john -format:SHA hash.txt

John still, however, does not support SHA after the patching, so I am not sure what to put in as the format.

Any ideas would be appreciated as I am really stuck at this point.

Thanks in advance.
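An added example, not part of the original post: a short Python audit of the dump layout quoted above, showing what a `{SHA}` userpassword value contains (the base64 of a raw, unsalted 20-byte SHA-1 digest, per the usual LDAP convention) and how such a value is checked. The function names and the last sample entry are constructed here; the layout is assumed to match the quoted entries.

```python
import base64
import hashlib
import hmac
import re

# Constructed sample in the dump layout quoted in the post. The authpassword
# value and the first two {SHA} values are from the post; the last entry is
# made up here and is the {SHA} form of the string "password".
SAMPLE = """\
        attribute: authpassword
                value[0]: {seeGpA7K}
        attribute: userpassword
                value[0]: {SHA}hEqt9R50vHZ+EheHW+JOJKvNWpw=
        attribute: userpassword
                value[0]: {SHA}+A0MoQHpZ7ULcw3fjorKDehejfY=
        attribute: userpassword
                value[0]: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=
"""

ENTRY = re.compile(r"attribute:\s*(\S+)\s*\n\s*value\[\d+\]:\s*(\S+)")
SCHEME = re.compile(r"^\{([A-Za-z0-9-]+)\}(.+)$")  # "{SCHEME}payload"

def parse(text):
    """Return (attribute, scheme, sha1_hex) per value; None where not {SHA}."""
    out = []
    for attr, value in ENTRY.findall(text):
        m = SCHEME.match(value)
        if not m:                      # e.g. "{seeGpA7K}": nothing after the brace
            out.append((attr, None, None))
        elif m.group(1).upper() != "SHA":
            out.append((attr, m.group(1).upper(), None))
        else:
            raw = base64.b64decode(m.group(2), validate=True)
            if len(raw) != 20:         # SHA-1 digests are exactly 20 bytes
                raise ValueError(f"bad {{SHA}} length for {attr}: {len(raw)}")
            out.append((attr, "SHA", raw.hex()))
    return out

def verify(password, stored):
    """Check a password against a {SHA} value: unsalted SHA-1, base64."""
    m = SCHEME.match(stored)
    if not m or m.group(1).upper() != "SHA":
        raise ValueError("not a {SHA} value")
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return hmac.compare_digest(digest, base64.b64decode(m.group(2), validate=True))

if __name__ == "__main__":
    for attr, scheme, hexdigest in parse(SAMPLE):
        print(f"{attr:13} scheme={scheme} sha1_hex={hexdigest}")
```

Because `{SHA}` carries no salt, two accounts with the same password store the same value; salted schemes such as `{SSHA}` avoid that.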


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:09 EDT