题外话:最近对加密的方式讨论挺火的

--------------*nix系------------------------

系统:ES(Unix)

例子: IvS7aeT4NzQPM

说明:Linux或者其他linux内核系统中

长度: 13 个字符

描述:第1、2位为salt,例子中的'Iv'位salt,后面的为hash值

系统:MD5(Unix)

例子:$1$12345678$XM4P3PrKBgKNnTaqG9P0T/

说明:Linux或者其他linux内核系统中

长度:34个字符

描述:开始的$1$位为加密标志,后面8位12345678为加密使用的salt,后面的为hash

加密算法:2000次循环调用MD5加密

系统:SHA-512(Unix)

例子:$6$12345678$U6Yv5E1lWn6mEESzKen42o6rbEm

说明:Linux或者其他linux内核系统中

长度: 13 个字符

描述:开始的$6$位为加密标志,后面8位为salt,后面的为hash

加密算法:5000次的SHA-512加密

系统:SHA-256(Unix)

例子:$5$12345678$jBWLgeYZbSvREnuBr5s3gp13vqi

说明:Linux或者其他linux内核系统中

长度: 55 个字符

描述:开始的$5$位为加密标志,后面8位为salt,后面的为hash

加密算法:5000次的SHA-256加密

系统:MD5(APR)

例子:$apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj.

说明:Linux或者其他linux内核系统中

长度:37个字符

描述:开始的$apr1$位为加密标志,后面8位为salt,后面的为hash

加密算法:2000次循环调用MD5加密

-----------------windows------------------------------------------

系统:windows

例子:Admin:b474d48cdfc4974d86ef4d24904cdd91

长度:98个字符

加密算法:MD4(MD4(Unicode($pass)).Unicode(strtolower($username)))

------------------mysql--------------------------------------------

系统:mysql

例子:606717496665bcba

说明:老版本的MySql中

长度:8字节(16个字符)

说明:包括两个字节,且每个字的值不超过0x7fffffff

系统:MySQL5

例子:*E6CC90B878B948C35E92B003C792C46C58C4AF40

说明:较新版本的MySQL

长度:20字节(40位)

加密算法:SHA-1(SHA-1($pass))

------------------其他系统---------------------------------------------

系统:MD5(WordPress)

例子:$P$B123456780BhGFYSlUqGyE6ErKErL01

说明:WordPress使用的md5

长度:34个字符

描述:$P$表示加密类型,然后跟着一位字符,经常是字符‘B’,后面是8位salt,后面是就是hash

加密算法:8192次md5循环加密

系统:MD5(phpBB3)

说明:phpBB 3.x.x.使用

例子:$H$9123456785DAERgALpsri.D9z3ht120

长度:34个字符

描述:开始的$H$为加密标志,后面跟着一个字符,一般的都是字符‘9’,然后是8位salt,然后是hash 值

加密算法:2048次循环调用MD5加密

系统:RAdmin v2.x

说明:Remote Administrator v2.x版本中

例子:5e32cceaafed5cc80866737dfb212d7f

长度:16字节(32个字符)

加密算法:字符用0填充到100字节后,将填充过后的字符经过md5加密得到(32位值)

------------------------md5加密--------------------------------------------

标准MD5

例子:c4ca4238a0b923820dcc509a6f75849b

使用范围:phpBB v2.x, Joomla 的 1.0.13版本前,及其他cmd

长度:16个字符

其他的加salt及变形类似:

md5($pass.$salt)

例子: 6f04f0d75f6870858bae14ac0b6d9f73:1234

md5($salt.$pass)

例子:f190ce9ac8445d249747cab7be43f7d5:12

md5(md5($pass))

例子:28c8edde3d61a0411511d3b1866f0636

md5(md5($pass).$salt)

例子:6011527690eddca23580955c216b1fd2:wQ6

md5(md5($salt).md5($pass))

例子: 81f87275dd805aa018df8befe09fe9f8:wH6_S

md5(md5($salt).$pass)

例子: 816a14db44578f516cbaef25bd8d8296:1234

md5($salt.$pass.$salt)

例子: a3bc9e11fddf4fef4deea11e33668eab:1234

md5($salt.md5($salt.$pass))

例子: 1d715e52285e5a6b546e442792652c8a:1234

--------------------------------------------------------------------------------

DES(Unix)

Example: IvS7aeT4NzQPM

Used in Linux and other similar OS.

Length: 13 characters.

Description: The first two characters are the salt (random characters; in our example the salt is the string “Iv”), then there follows the actual hash.

Notes: [1] [2]

Domain Cached Credentials

Example: Admin:b474d48cdfc4974d86ef4d24904cdd91

Used for caching passwords of Windows domain.

Length: 16 bytes.

Algorithm: MD4(MD4(Unicode($pass)).Unicode(strtolower($username)))

Note: [1]

MD5(Unix)

Example: $1$12345678$XM4P3PrKBgKNnTaqG9P0T/

Used in Linux and other similar OS.

Length: 34 characters.

Description: The hash begins with the $1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string “12345678″), then there goes one more $ character, followed by the actual hash.

Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.

Notes: [1] [2]

MD5(APR)

Example: $apr1$12345678$auQSX8Mvzt.tdBi4y6Xgj.

Used in Linux and other similar OS.

Length: 37 characters.

Description: The hash begins with the $apr1$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string “12345678″), then there goes one more $ character, followed by the actual hash.

Algorithm: Actually that is a loop calling the MD5 algorithm 2000 times.

Notes: [1] [2]

MD5(phpBB3)

Example: $H$9123456785DAERgALpsri.D9z3ht120

Used in phpBB 3.x.x.

Length: 34 characters.

Description: The hash begins with the $H$ signature, then there goes one character (most often the number ’9′), then there goes the salt (8 random characters; in our example the salt is the string “12345678″), followed by the actual hash.

Algorithm: Actually that is a loop calling the MD5 algorithm 2048 times.

Notes: [1] [2]

MD5(WordPress)

Example: $P$B123456780BhGFYSlUqGyE6ErKErL01

Used in WordPress.

Length: 34 characters.

Description: The hash begins with the $P$ signature, then there goes one character (most often the number ‘B’), then there goes the salt (8 random characters; in our example the salt is the string “12345678″), followed by the actual hash.

Algorithm: Actually that is a loop calling the MD5 algorithm 8192 times.

Notes: [1] [2]

MySQL

Example: 606717496665bcba

Used in the old versions of MySQL.

Length: 8 bytes.

Description: The hash consists of two DWORDs, each not exceeding the value of 0x7fffffff.

MySQL5

Example: *E6CC90B878B948C35E92B003C792C46C58C4AF40

Used in the new versions of MySQL.

Length: 20 bytes.

Algorithm: SHA-1(SHA-1($pass))

Note: The hashes are to be loaded to the program without the asterisk that stands in the beginning of each hash.

RAdmin v2.x

Example: 5e32cceaafed5cc80866737dfb212d7f

Used in the application Remote Administrator v2.x.

Length: 16 bytes.

Algorithm: The password is padded with zeros to the length of 100 bytes, then that entire string is hashed with the MD5 algorithm.

MD5

Example: c4ca4238a0b923820dcc509a6f75849b

Used in phpBB v2.x, Joomla version below 1.0.13 and many other forums and CMS.

Length: 16 bytes.

Algorithm: Same as the md5() function in PHP.

md5($pass.$salt)

Example: 6f04f0d75f6870858bae14ac0b6d9f73:1234

Used in WB News, Joomla version 1.0.13 and higher.

Length: 16 bytes.

Note: [1]

md5($salt.$pass)

Example: f190ce9ac8445d249747cab7be43f7d5:12

Used in osCommerce, AEF, Gallery and other CMS.

Length: 16 bytes.

Note: [1]

md5(md5($pass))

Example: 28c8edde3d61a0411511d3b1866f0636

Used in e107, DLE, AVE, Diferior, Koobi and other CMS.

Length: 16 bytes.

md5(md5($pass).$salt)

Example: 6011527690eddca23580955c216b1fd2:wQ6

Used in vBulletin, IceBB.

Length: 16 bytes.

Notes: [1] [3] [4]

md5(md5($salt).md5($pass))

Example: 81f87275dd805aa018df8befe09fe9f8:wH6_S

Used in IPB.

Length: 16 bytes.

Notes: [1] [3]

md5(md5($salt).$pass)

Example: 816a14db44578f516cbaef25bd8d8296:1234

Used in MyBB.

Length: 16 bytes.

Note: [1]

md5($salt.$pass.$salt)

Example: a3bc9e11fddf4fef4deea11e33668eab:1234

Used in TBDev.

Length: 16 bytes.

Note: [1]

md5($salt.md5($salt.$pass))

Example: 1d715e52285e5a6b546e442792652c8a:1234

Used in DLP.

Length: 16 bytes.

Note: [1]

SHA-1

Example: 356a192b7913b04c54574d18c28d46e6395428ab

Used in many forums and CMS.

Length: 20 bytes.

Algorithm: Same as the sha1() function in PHP.

sha1(strtolower($username).$pass)

Example: Admin:6c7ca345f63f835cb353ff15bd6c5e052ec08e7a

Used in SMF.

Length: 20 bytes.

Note: [1]

sha1($salt.sha1($salt.sha1($pass)))

Example: cd37bfbf68d198d11d39a67158c0c9cddf34573b:1234

Used in Woltlab BB.

Length: 20 bytes.

Note: [1]

SHA-256(Unix)

Example: $5$12345678$jBWLgeYZbSvREnuBr5s3gp13vqiKSNK1rkTk9zYE1v0

Used in Linux and other similar OS.

Length: 55 characters.

Description: The hash begins with the $5$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string “12345678″), then there goes one more $ character, followed by the actual hash.

Algorithm: Actually that is a loop calling the SHA-256 algorithm 5000 times.

Notes: [1] [2]

SHA-512(Unix)

Example: $6$12345678$U6Yv5E1lWn6mEESzKen42o6rbEmFNLlq6Ik9X3reMXY3doKEuxrcDohKUx0Oxf44aeTIxGEjssvtT1aKyZHjs

Used in Linux and other similar OS.

Length: 98 characters.

Description: The hash begins with the $6$ signature, then there goes the salt (up to 8 random characters; in our example the salt is the string “12345678″), then there goes one more $ character, followed by the actual hash.

Algorithm: Actually that is a loop calling the SHA-512 algorithm 5000 times.

Notes: [1] [2]

————————————————-

Notes:

[1] Since the hashing requires not only a password but also a salt (or a user name), which is unique for each user, the attack speed for such hashes will decline proportionally to their count (for example, attacking 100 hashes will go 100 times slower than attacking one hash).

[2] The hash is to be loaded to the program in full, to the “Hash” column – the program will automatically extract the salt and other required data from it.

[3] The ‘:’ character can be used as salt; however, since it is used by default for separating hash and salt in PasswordsPro, it is recommended that you use a different character for separating fields; e.g., space.

[4] Salt can contain special characters – single or double quotes, as well as backslash, which are preceded (after obtaining dumps from MySQL databases) by an additional backslash, which is to be removed manually. For example, the salt to be loaded to the program would be a’4 instead of a’4, as well as the salts a”4 instead of a”4 and a4 instead of a\4.

from:http://forum.insidepro.com/viewtopic.php?t=8225

unix hash加密方式判断

unix下:

$1开头为MD5

$5开头为SHA256

$6开头为SHA512

DES和明文开头无标记

转载请注明来自WebShell'S Blog,本文地址:https://www.webshell.cc/4222.html