El día Wednesday, January 15, 2014 a las 10:29:21AM +0100, Matthias Apitz escribió:
but when I run the original string through decode, I get only binary nonsense from:
echo -n 'MgwfkqCnGu2XUvmW3sNnrZ9pV0TJl/CD' | mmencode -u 2 §íRùÞÃg-ð
Remember: A byte is 8 bits; any combination. Just count bytes. Maybe this:
echo -n 'MgwfkqCnGu2XUvmW3sNnrZ9pV0TJl/CD' | mmencode -u | hexdump -C
Thanks for the feedback; I have tried this already before:
$ echo -n 'MgwfkqCnGu2XUvmW3sNnrZ9pV0TJl/CD' | mmencode -u | od -tx1 0000000 32 0c 1f 92 a0 a7 1a ed 97 52 f9 96 de c3 67 ad 0000020 9f 69 57 44 c9 97 f0 83
but was thinking the salt, the last 4 bytes (0xc997f083) should have been in ASCII... do they really seed with binary in LDAP?
... but you are correct! it is the salt and it works fine when I hash the users clear text pw with this salt "\xc9\x97\xf0\x83" like this (blanking out the pw with XXXXXXXXXX):
#!/usr/bin/perl # use Digest::SHA1; use MIME::Base64; $ctx = Digest::SHA1->new; $ctx->add('XXXXXXXXXX'); $ctx->add("\xc9\x97\xf0\x83"); $hashedPasswd = '{SSHA}' . encode_base64($ctx->digest . "\xc9\x97\xf0\x83" ,''); print 'userPassword: ' . $hashedPasswd . "\n";
it prints the correct SSHA hash:
$ ./sha.pl userPassword: {SSHA}MgwfkqCnGu2XUvmW3sNnrZ9pV0TJl/CD
Thanks!
matthias