Results 1 to 10 of 10

Thread: Shadow password

  1. #1
    Join Date
    Apr 2006

    Shadow password

    During login you enter your username and your password.

    Assume for example your name is:


    and your password is:


    In old unix system these information are stored togheter in:


    goofy : pippo : other_information

    Nowdays if you look in this file you cannot see your password stored after the username, instead you find an x char.

    goofy : x : other_information

    The password, for security reason is in another file:


    goofy : $1$QIGCa$/ruJs8AvmrknzKTzM2TYE. : other_information

    Naturally the password is stored not in clear text but is the 'hash' of the real password string.

    Password: pippo

    Hash-Password: $1$QIGCa$/ruJs8AvmrknzKTzM2TYE.

    The algorithm used to hash the password is the md5.

    But this is not the end of the story.

    If you try some program to calculate hash of a string an you put in input your password you don't find as result the desired hash_password string used in the file shadow.


    Because in shadow is used a particular md5-salted version of the md5 algorithm.

    To summarize, to generate the string that you find in the shadow file you need two things:

    - your password
    - the salt string

    But i never used a salt string during my login?

    Correct, but the string was the same generated by the system and is used every time you login.

    Where i can find this salt string?

    In the shadow file!

    I describe the different part of the string and their different meaning.

    You can divide the string in four parts

    $1$ - QIGCa - $ - /ruJs8AvmrknzKTzM2TYE.

    1. $1$ > is a special string meaning that the md5 algorithm is used
    2. QIGCa > is the desired salt
    3. $ > works like a space, a separation char
    4. /ruJs8AvmrknzKTzM2TYE. > is the hash of the password+salt

    Why a salt?

    Bacause rainbow table can help you in find clear password from hash-version of the password:

    How can i generate all the $1$QIGCa$/ruJs8AvmrknzKTzM2TYE. string?

    I show you two way:


    openssl passwd -1 -salt QIGCa pippo

    perl -e 'print crypt("pippo", "\$1\$QIGCa"),"\n"'

    Hope i help someone!

  2. #2
    Join Date
    Apr 2009

    Re: Shadow password

    Excellent!! Exactly what I needed...thanks so much.

  3. #3
    Join Date
    Oct 2007

    Re: Shadow password

    pretty cool intro to password system

    Its never too early, nor ever too late to start.

  4. #4
    Join Date
    Dec 2007
    Chisinau, Moldova
    Kubuntu Karmic Koala (testing)

    Re: Shadow password

    Thank you! Exactly what I was looking for.

  5. #5
    Join Date
    Apr 2007

    Re: Shadow password

    Great job, dude! I was in trouble, but I'm not there already!
    Thanks a lot you for sharing your experience, this superb forum for connecting people and Google for help to find useful stuff!

  6. #6
    Join Date
    Jan 2010

    Re: Shadow password

    wow great job

  7. #7
    Join Date
    Aug 2008
    Ubuntu 12.04 Precise Pangolin

    Re: Shadow password


    I'm using Ubuntu 11.04.
    This is the string in /etc/shadow for user1 :
    $6 ==> this means is it using some other algorithm (not MD5 ) ??
    $6 - $ - VktFMBNd$kUQHa7kXnNoaigIsjIqqMYiHIe2YDHxV.advXV98H 7Y./zSYKSNoBPg986KW/Iw56hY0dLKz1eXObRBndFytF1
    I could not match with the one specified in the first post.
    Never hate your Enemy. It will affect your Judgement !

  8. #8
    Join Date
    Jun 2011
    Atlanta Georgia
    Ubuntu 10.04 Lucid Lynx

    Re: Shadow password

    $6$ is SHA-512.

  9. #9
    Join Date
    Nov 2011

    Re: Shadow password

    What is the point of the salt if it is stored in plain text?

    Please correct my assumptions:

    1. you use a rainbow table to hasten the goal of matching a hash to its plaintext
    2. you need to already have the hashed password
    3. if you have the hashed password, you likely have the shadow file, which means you have the salt
    4. you can just integrate the salt when making your rainbow table

  10. #10
    Join Date
    Mar 2012

    Re: Shadow password

    Bulldozer assumes:
    1. you use a rainbow table to hasten the goal of matching a hash to its plaintextTrue - in general. But you won't use rainbow tables with a salted password. See #4.

    2. you need to already have the hashed password
    I think you mean you can see the user's hashed password. Kinda'. To be precise, you'll need the hash of the *combined* salt plus password.

    3. if you have the hashed password, you likely have the shadow file, which means you have the salt
    True, you will have the salt (assuming you're cracking UNIX-like shadow file).

    4. you can just integrate the salt when making your rainbow table
    True-ish. You will use the salt combined with wordlists/character-strings to generate all possible hashes, but you almost certainly will *not* save that as a rainbow table.

    Why not? Because that rainbow table would only ever be useful if you found another password with the exact same salt. Not likely! You'd need to create millions of fully populated rainbow tables. Yikes.

    So what you'd really do is combine the one salt you found, with all words and combinations in your list, to try and crack that one password one time.

    So cracking the one salt/password combination is still possible, due to the salt being in plain text. It's true. Brute force/dictionary attacks are aided by attackers knowing the salt. Unfortunately. But the tradeoff is that rainbow table attacks become impractical.

    Wikipedia on "salt(cryptography)":
    A simple dictionary attack is still very possible, although much slower since it cannot be precomputed.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts