Results 1 to 2 of 2
Thread: Need help duplicating password
|
Enjoy an ad free experience by logging in. Not a member yet? Register.
|
|
-
10-07-2009 #1
- Join Date
- Oct 2009
- Posts
- 1
Need help duplicating password
I am currently working on a project and have hit a brick wall.
I will try to keep this short... basically we have Coldfusion app that will be query'ing our LDAP server for a login page authentication. Since we can't decrypt the passwords stored we are going to encrypt the user-provided password and match the encrypted form to validate.
However, I can't seem to figure out how the system is encrypting things.
I found on an OpenLDAP mailing list that OpenLDAP just uses the system encryption.
The system is CentOS 4.7.
This is the output of /etc/sysconfig/authconfig:
USEMD5=yes
USECRACKLIB=yes
USEDB=no
USEHESIOD=no
USELDAP=yes
USENIS=no
USEPASSWDQC=no
USEWINBIND=no
USEKERBEROS=no
USELDAPAUTH=yes
USESHADOW=yes
USESMBAUTH=no
USEWINBINDAUTH=no
USELOCAUTHORIZE=yes
USEPAMACCESS=no
PASSWDALGORITHM=md5
While it says MD5, from what I can see it isn't just a normal md5 string (maybe has a salt added to it? If so, how do you get the salt?)
Maybe I'm completely on the wrong track, can anyone help?
The strings all start with "$1$" if that helps any.
Thank you so much!
-
11-18-2009 #2