Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 788
  • Last Modified:

Using openssl to create Cryptographic Hash Values SHA-512

How can I produce the same hash digest for user1's password using openssl?

user1's password is
HelloWorld

root@kali:~# cat /etc/shadow | grep user1
user1:$6$GRZcztBQ$.eHNZsczu4D3g7bsGkZlVKi14nLG/5W8WXXr7vKbziwkKHCnq3fvBO.j1KPcVxyTqy/5.DXZy4lD8QqH1H2bH/:16458:0:99999:7:::
root@kali:~#

Open in new window

In my openssl command below, I don't get the same hash value as stored in /etc/shadow for user1. What am I doing wrong? I'm even using the same salt.

root@kali:~# echo -n \$GRZcztBQ\$HelloWorld | openssl dgst -sha512
(stdin)= 0afd50eb46b2004be59c3ac2b53e456e5359dc20debe561afabafdaac0eda7d1e666b766de537bbc663f8b2290f2177fc16659e874c05ce5651f0722c65f901c
root@kali:~#

Open in new window


Thank you for your help! I really appreciate it.

CV
0
cv 127001
Asked:
cv 127001
  • 2
  • 2
1 Solution
 
OriNetworksCommented:
openssl does not support this apparently
0
 
cv 127001Author Commented:
Thank you. Really? Wow! I'm a little confused because when I ask it to list supported hash digests, SHA512 is listed. May I ask where you got the information so that I can read-up a little more on it?  Thank you. This is the first time I use experts-exchange, so I don't know if accepting your solution now will prevent you to post to it again.
0
 
OriNetworksCommented:
Sorry for such a blunt answer and I would prefer to be wrong about this.  If you look at the formatting of the password in the shadow file vs the openssl output you will see the shadow file has characters like / and . and the output of openssl simply gives you  plain digest as you requested.

The correct openssql command would be something like openssl passwd -1 but as I stated it does not support sha512. I was also curious after I came across this question and did some more research but haven't been able to find why this isn't supported as many other methods seem to be fine getting to the result you are trying to achieve.

You have a full list of supported commands here
http://wiki.openssl.org/index.php/Command_Line_Utilities
0
 
cv 127001Author Commented:
OriNetwork, THANK YOU very much. I really appreciate the help. Strange that it doesn't support. Oh well, thanks to know, now I know why they don't match.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now