• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 632
  • Last Modified:

Create salted MD5 passwort for /etc/shadow

Hi

I am trying to generate a salted md5 hash in C with the propper format "$1$salt$hash" for the /etc/shadow file.

I am not quite sure if $1$ should be part of the salt or not? Right now I use the following code to generate a salt and create the passwort using crypt()

char salt[9];
  char full[50];

  int i = 0;
  static char *choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                         "0123456789./";

  for(i = 0; i<8; i++)
  {
    salt[i] = choices[random_in_range(0, strlen(choices) - 1)];
  }
  salt[8] = 0;

  sprintf(full,"$1$%s",salt);

  /* Loop thru passwd file */
  char pw[100];

  sprintf(pw,"$1$%s$%s",salt,crypt(password, full));

Open in new window


Any hint would be great!
0
Chris Sandrini
Asked:
Chris Sandrini
1 Solution
 
Chris SandriniSenior System EngineerAuthor Commented:
Nevermind. I found a solution to even create SHA-512 passwords. This is my code

int setPassword(const char *password)
{
  FILE* fps;

  struct spwd *sp;
  memset(&sp, 0, sizeof(sp));

  if (!(fps = fopen("/etc/shadow", "r+"))) {
    return 0;
  }

  char user[20] = "amber";
  char salt[9];
  char full[50];

  int i = 0;
  static char *choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                         "0123456789./";

  for(i = 0; i<8; i++)
  {
    salt[i] = choices[random_in_range(0, strlen(choices) - 1)];
  }
  salt[8] = 0;

  sprintf(full,"$6$%s",salt);

  /* Loop thru passwd file */
  char pw[100];

  sprintf(pw,"%s",crypt(password, full));



  while ((sp = getspent()) != NULL) {
    if (strcmp(sp->sp_namp,user) == 0 ) {
      strcpy(sp->sp_pwdp,pw);
      putspent(sp, fps);
    } else {
      putspent(sp,fps);
    }
  }

  fclose(fps);

  return 1;
}

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now