什么是FreeBSD MD5，为什么它会产生非十六进制的哈希值? [英] What is FreeBSD MD5 and why does it produce hashes in non-hexadecimal notation?

问题描述

我正在接受黑客入侵本网站"的黑客攻击，在该网站中，我找到了密码哈希，然后通过强行破解手段将其破解.我的哈希饼干(开膛手约翰)使用的格式是"FreeBSD MD5".密码和哈希如下:PW:阴影哈希:$ 1 $ AAODv ... $ gXPqGkIO3Cu6dnclE/sok1

I am doing a hacking challenge from Hack This Site in which I found a password hash and then cracked it by brute forcing possibilities. The format that my hash cracker (John the Ripper) used was something called "FreeBSD MD5". The password and hash are the following: PW: shadow HASH: $1$AAODv...$gXPqGkIO3Cu6dnclE/sok1

我的问题是，MD5通常不是只有字符集0123456789abcdef(十六进制)吗?为什么此哈希突然包含其他字符?

My question is, doesn't MD5 normally only have the charset 0123456789abcdef (hexadecimal)? Why is this hash suddenly including a bunch of other characters?

截屏:

推荐答案

这是一个盐腌的密码哈希:

This is a salted password hash:

• $是字段分隔符
• 1是类型(MD5)
• AAODv ...是哈希的(纯文本)盐
• gXPqGkIO3Cu6dnclE/sok1是用base64编码的哈希值

为防止出现彩虹表:md5(salt + password))，并在哈希之前将盐与密码连接起来，并验证密码，在哈希之前必须为此盐添加前缀.

The salt is concatenated with the password before hashing to prevent rainbow tables: md5(salt + password)) and to verify a password, it must be prefixed with this salt prior to hashing.

在base64中表示哈希值使其比十六进制数字(23 vs 32字节)短一点.

Representing the hash in base64 makes it a bit shorter than by hex digits (23 vs 32 bytes).

这篇关于什么是FreeBSD MD5，为什么它会产生非十六进制的哈希值?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！