convert plain-text password to MD5 salted hash

Question 1

convert plain-text password to MD5 salted hash

salt md5sum

Martin · Dec 11, 2011 · Viewed 10.8k times · Source

Answer

Answer

I'm on Linux and I am not sure whether FreeBSD actually uses the same algorithm, but you can take a look at these sources of information (hope the same is on FreeBSD):

Based on the last page, this PHP script will produce the output you expect (given your password and salt):

<?php
$password = 'Test11';
$salt = '$1$7wtGfwgp$';
echo 'Crypt hash: ' . crypt($password, $salt) . "\n"
?>

You can do the same using e.g. Python:

import crypt

password = 'Test11'
salt = '$1$7wtGfwgp$'
print(crypt.crypt(password, salt))

based on this Python doc page:

http://docs.python.org/library/crypt.html

Based on the Wikipedia article:

http://en.wikipedia.org/wiki/Crypt_(Unix)

you can see the source of crypt function e.g. here:

http://google.com/codesearch/p#ZWtxA-fyzBo/UnixArchive/PDP-11/Distributions/research/Henry_Spencer_v7/v7.tar.gz%7C118goTAkg2o/usr/src/libc/gen/crypt.c

As a side note, here's a nice online hash generator:

http://insidepro.com/hashes.php?lang=eng

Hope this helps.

Question 2

For example under FreeBSD passwords are stored in /etc/master.passwd like this:

$1$7wtGfwgp$772bEQInetnJKUNtLM0Xt/

The password I used was "Test11". As I understand, $1$ means that it's a hashed MD5 crypt? How can one come up with the final hash "772bEQInetnJKUNtLM0Xt/" if he is aware of salt and password and uses md5sum? As I understand, it should be something like:

$ echo -n $(echo -n 7wtGfwgp)$(echo -n Test11) | md5sum

..but this doesn't quite match up. What am I doing wrong?

PS I'm asking this in order to understand the password hashing system under UNIX-like operating systems.

convert plain-text password to MD5 salted hash

Answer

Related questions