Hello,

I am currently working on a project and have hit a brick wall.

I will try to keep this short... basically we have Coldfusion app that will be query'ing our LDAP server for a login page authentication. Since we can't decrypt the passwords stored we are going to encrypt the user-provided password and match the encrypted form to validate.

However, I can't seem to figure out how the system is encrypting things.

I found on an OpenLDAP mailing list that OpenLDAP just uses the system encryption.

The system is CentOS 4.7.

This is the output of /etc/sysconfig/authconfig:

USEMD5=yes
USECRACKLIB=yes
USEDB=no
USEHESIOD=no
USELDAP=yes
USENIS=no
USEPASSWDQC=no
USEWINBIND=no
USEKERBEROS=no
USELDAPAUTH=yes
USESHADOW=yes
USESMBAUTH=no
USEWINBINDAUTH=no
USELOCAUTHORIZE=yes
USEPAMACCESS=no
PASSWDALGORITHM=md5

While it says MD5, from what I can see it isn't just a normal md5 string (maybe has a salt added to it? If so, how do you get the salt?)

Maybe I'm completely on the wrong track, can anyone help?

The strings all start with "$1$" if that helps any.

Thank you so much!

$1$ - magic
3fQZxCjC$ - salt
NyvYFE2.n4/h1mrXDTxqA0 - Hash

Python Example:

/etc/shadow
nomb:$1$3fQZxCjC$NyvYFE2.n4/h1mrXDTxqA0:14524:0:99999:7:::

>>> import crypt
>>> print crypt.crypt("password", "$1$3fQZxCjC$")
$1$3fQZxCjC$NyvYFE2.n4/h1mrXDTxqA0

You can either check the source for crypt to see how the crypt function works, or you can look here which is another function that does the same thing:

md5crypt

Thanks so much, I will give this a try tomorrow. I actually tried a variant of what you said but I believe I missed one part (ugh).

Not a cryptography person in the least.

Thanks again, much appreciated.

Not a problem, enjoy.