• Breaking News

    Monday, July 30, 2018

    Cryptography visualizing the rho structure of sha256/10


    visualizing the rho structure of sha256/10

    Posted: 29 Jul 2018 12:03 PM PDT

    Found vulnerable hashing issue in our environment but need help reversing it

    Posted: 29 Jul 2018 06:55 PM PDT

    Hi all,

    I am having issues with Python and probably some logic issues as well. If anyone reads this post and figures out that there is a better way to do this, then I am all ears....

    Long story short: I identified that my company has an issue where there is a readable attribute in our Active Directory attached to every user. The attribute for every user can be read by ANY user, and it turns out that it is a hash of the user's Active Directory credentials. It exists because we are using some deprecated Oracle password sync feature that allows AD users to log in to the Oracle database with their AD creds (but not using Kerberos).

    The function takes the user's password, converts it to a SHA1 hash (in hex), then converts it to binary and base64 encodes the value (sha -> binary -> base64). I was able to verify this is the exact process by taking the password "Summer2018!"'s SHA1 hash and plugging it into Python:

    >>> b64encode(b16decode('20646E51D0489F449EAFB3858260F1DB7FF6EE0F')).lower()
    'igruudbin0ser7ofgmdx23/27g8='

    I am able to get the LDAP base64 encoded SHA1 hash, but I have an issue. I want to reverse this process in Python, where I have the base64 encoded binary of the SHA1 hash already, and step it back so it is the SHA1 hash. I am moving the commands above around with no luck at getting the right hash. No idea what I am doing wrong.

    Example:

    b16encode(b64decode('igruudbin0ser7ofgmdx23/27g8=')).lower()

    I thought reversing the above would work, but it actually gives me a completely different SHA1 hash....

    >>> b16encode(b64decode('igruudbin0ser7ofgmdx23/27g8=')).lower()
    '8a0aeeb9d6e29f4b1eafba1f826771db7ff6ee0f'

    Can one of you much smarter people please help me!! :(

    submitted by /u/THE__USURPER
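An added example (not code from the post above) that walks the hex -> bytes -> base64 conversion in both directions and shows why the second snippet returned a different digest: base64 is case-sensitive, so the `.lower()` applied to the encoded text in the first snippet discarded information, and the lowercased string decodes to different bytes. The only assumed input is the SHA1 hex digest quoted in the post.

```python
import base64

# The SHA-1 hex digest quoted in the post for "Summer2018!", used here as the
# sample input (taken from the post, not recomputed).
POST_SHA1_HEX = "20646E51D0489F449EAFB3858260F1DB7FF6EE0F"


def sha1_hex_to_attr(sha1_hex: str) -> str:
    """Forward direction described in the post: hex digest -> raw bytes -> base64.

    The base64 text is returned with its case intact. Base64 is case-sensitive
    ('I' and 'i' are different symbols), so lowercasing it discards information.
    """
    raw = bytes.fromhex(sha1_hex)  # accepts upper- or lower-case hex
    return base64.b64encode(raw).decode("ascii")


def attr_to_sha1_hex(attr_value: str) -> str:
    """Reverse direction: base64 text -> raw bytes -> lower-case hex digest."""
    raw = base64.b64decode(attr_value, validate=True)  # reject stray characters
    if len(raw) != 20:
        raise ValueError(f"expected 20 SHA-1 bytes, got {len(raw)}")
    return raw.hex()  # hex() is lower-case; hex digests are case-insensitive


def round_trip_ok(sha1_hex: str) -> bool:
    """True when hex -> base64 -> hex returns the digest we started from."""
    return attr_to_sha1_hex(sha1_hex_to_attr(sha1_hex)) == sha1_hex.lower()


def lowercasing_corrupts(sha1_hex: str) -> bool:
    """True when lowercasing the base64 text changes the bytes it decodes to.

    This is what the post's `.lower()` call did: the decoded digest is
    different, and the original is not recoverable from the lowercased string.
    """
    attr = sha1_hex_to_attr(sha1_hex)
    return attr_to_sha1_hex(attr.lower()) != sha1_hex.lower()


if __name__ == "__main__":
    attr = sha1_hex_to_attr(POST_SHA1_HEX)
    print("base64 (case kept):", attr)
    print("base64 lowercased: ", attr.lower())
    print("decodes back to:   ", attr_to_sha1_hex(attr))
    print("lowercased decodes:", attr_to_sha1_hex(attr.lower()))
```

Keeping the base64 text exactly as stored in the directory attribute (no case folding) is all that is needed for the reverse step to return the original digest.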
