Solved

Create salted MD5 passwort for /etc/shadow

Posted on 2012-12-30
1
618 Views
Last Modified: 2012-12-30
Hi

I am trying to generate a salted md5 hash in C with the propper format "$1$salt$hash" for the /etc/shadow file.

I am not quite sure if $1$ should be part of the salt or not? Right now I use the following code to generate a salt and create the passwort using crypt()

char salt[9];
  char full[50];

  int i = 0;
  static char *choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                         "0123456789./";

  for(i = 0; i<8; i++)
  {
    salt[i] = choices[random_in_range(0, strlen(choices) - 1)];
  }
  salt[8] = 0;

  sprintf(full,"$1$%s",salt);

  /* Loop thru passwd file */
  char pw[100];

  sprintf(pw,"$1$%s$%s",salt,crypt(password, full));

Open in new window


Any hint would be great!
0
Comment
Question by:un1x86
1 Comment
 
LVL 11

Accepted Solution

by:
un1x86 earned 0 total points
ID: 38731376
Nevermind. I found a solution to even create SHA-512 passwords. This is my code

int setPassword(const char *password)
{
  FILE* fps;

  struct spwd *sp;
  memset(&sp, 0, sizeof(sp));

  if (!(fps = fopen("/etc/shadow", "r+"))) {
    return 0;
  }

  char user[20] = "amber";
  char salt[9];
  char full[50];

  int i = 0;
  static char *choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                         "0123456789./";

  for(i = 0; i<8; i++)
  {
    salt[i] = choices[random_in_range(0, strlen(choices) - 1)];
  }
  salt[8] = 0;

  sprintf(full,"$6$%s",salt);

  /* Loop thru passwd file */
  char pw[100];

  sprintf(pw,"%s",crypt(password, full));



  while ((sp = getspent()) != NULL) {
    if (strcmp(sp->sp_namp,user) == 0 ) {
      strcpy(sp->sp_pwdp,pw);
      putspent(sp, fps);
    } else {
      putspent(sp,fps);
    }
  }

  fclose(fps);

  return 1;
}

Open in new window

0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This tutorial is posted by Aaron Wojnowski, administrator at SDKExpert.net.  To view more iPhone tutorials, visit www.sdkexpert.net. This is a very simple tutorial on finding the user's current location easily. In this tutorial, you will learn ho…
This is a short and sweet, but (hopefully) to the point article. There seems to be some fundamental misunderstanding about the function prototype for the "main" function in C and C++, more specifically what type this function should return. I see so…
The goal of this video is to provide viewers with basic examples to understand and use structures in the C programming language.
Video by: Grant
The goal of this video is to provide viewers with basic examples to understand and use while-loops in the C programming language.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now