boris/G4G0-2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

vault backup: 2025-01-30 17:33:17

Browse Source
This commit is contained in:
George Wilkinson
2025-01-30 17:33:17 +00:00
parent 8bc99d0497
commit 828d37e0c8
22 changed files with 1003 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
Networking and Security/Week 20/hashcat-exercise/view-sample-password.sh Executable file
View File

@@ -0,0 +1,77 @@
#!/bin/bash
#
# create (and destroy) a user account, in order to
# capture and display its password as stored in /etc/shadow
# and compare it the the password's pure hash
#
# david morgan 8/2014
#
clear
if [ $(id -u) -ne 0 ];then echo "This script must be run as root"; exit 1; fi
echo -n "Please supply a password: "; read password
user=testuser$RANDOM
useradd $user
echo -en "$password\n$password\n" | passwd $user &> /dev/null
record=$( tail -1 /etc/shadow )
userdel $user
passfield=$( echo $record | awk -F : '{print $2}' )
hashtype=$( echo $passfield | awk -F $ '{print $2}' )
salt=$( echo $passfield | awk -F $ '{print $3}' )
storedpass=$( echo $passfield | awk -F $ '{print $4}' )
echo -en "\nThis is the password record generated in /etc/shadow for a new user with your chosen password: \n\t$record"
echo -en "\nand this is its password related field: \n\t"; echo $record | awk -F : '{print $2}'
echo -en "\n...and these are that password field's components:\n"
echo -en "hash-type code $hashtype"
case $hashtype in
1 )
echo ' (md5)'
;;
5 )
echo ' (sha-256)'
;;
6)
echo ' (sha-512)'
;;
esac
echo -e "salt $salt"
echo -e "stored/scrambled password $storedpass"
echo
saltedpassword=$( echo ${salt}${password} )
echo -e "Salted password (password prefixed with salt):\n\t$saltedpassword"
case $hashtype in
6 )
echo -en "pure sha512 hash of this salted password:\n\t"
purehash=$(echo -n $saltedpassword | sha512sum | cut -d " " -f 1)
;;
5 )
echo -en "pure sha256 hash of this salted password:\n\t"
purehash=$(echo -n $saltedpassword | sha256sum | cut -d " " -f 1)
;;
1 )
echo -en "pure md5 hash of this salted password:\n\t"
purehash=$(echo -n $saltedpassword | md5sum | cut -d " " -f 1)
;;
esac
echo $purehash
cat<<EOF
Note that password processing with a given hash algorithm does something
OTHER than merely hash with that algorithm, as shown by the fact that
the stored/processed password ($storedpass)
and the pure hash ($purehash)
are NOT the same.
( see man 3 crypt and man mkpasswd )
EOF