Solved

Create salted MD5 passwort for /etc/shadow

Posted on 2012-12-30
1
622 Views
Last Modified: 2012-12-30
Hi

I am trying to generate a salted md5 hash in C with the propper format "$1$salt$hash" for the /etc/shadow file.

I am not quite sure if $1$ should be part of the salt or not? Right now I use the following code to generate a salt and create the passwort using crypt()

char salt[9];
  char full[50];

  int i = 0;
  static char *choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                         "0123456789./";

  for(i = 0; i<8; i++)
  {
    salt[i] = choices[random_in_range(0, strlen(choices) - 1)];
  }
  salt[8] = 0;

  sprintf(full,"$1$%s",salt);

  /* Loop thru passwd file */
  char pw[100];

  sprintf(pw,"$1$%s$%s",salt,crypt(password, full));

Open in new window


Any hint would be great!
0
Comment
Question by:un1x86
1 Comment
 
LVL 11

Accepted Solution

by:
un1x86 earned 0 total points
ID: 38731376
Nevermind. I found a solution to even create SHA-512 passwords. This is my code

int setPassword(const char *password)
{
  FILE* fps;

  struct spwd *sp;
  memset(&sp, 0, sizeof(sp));

  if (!(fps = fopen("/etc/shadow", "r+"))) {
    return 0;
  }

  char user[20] = "amber";
  char salt[9];
  char full[50];

  int i = 0;
  static char *choices = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                         "0123456789./";

  for(i = 0; i<8; i++)
  {
    salt[i] = choices[random_in_range(0, strlen(choices) - 1)];
  }
  salt[8] = 0;

  sprintf(full,"$6$%s",salt);

  /* Loop thru passwd file */
  char pw[100];

  sprintf(pw,"%s",crypt(password, full));



  while ((sp = getspent()) != NULL) {
    if (strcmp(sp->sp_namp,user) == 0 ) {
      strcpy(sp->sp_pwdp,pw);
      putspent(sp, fps);
    } else {
      putspent(sp,fps);
    }
  }

  fclose(fps);

  return 1;
}

Open in new window

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial is posted by Aaron Wojnowski, administrator at SDKExpert.net.  To view more iPhone tutorials, visit www.sdkexpert.net. This is a very simple tutorial on finding the user's current location easily. In this tutorial, you will learn ho…
Summary: This tutorial covers some basics of pointer, pointer arithmetic and function pointer. What is a pointer: A pointer is a variable which holds an address. This address might be address of another variable/address of devices/address of fu…
The goal of this video is to provide viewers with basic examples to understand how to create, access, and change arrays in the C programming language.
The goal of this video is to provide viewers with basic examples to understand and use conditional statements in the C programming language.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question