Jump to content

creating password hash with python/understanding JTR module code


haicen

Recommended Posts

I have a bit of an odd question that I'm hoping someone here can point me in the right direction to figure out. I have been looking at a DVR which I purchased for the express purpose of poking around on. I was able to gain access to it via telnet, and found some interesting things. I found the password hashes for the web portal. The passwords themselves are hashed using an algorithm detected by JTR as "dahua". Outside of the source code for the JTR module located at http://fossies.org/linux/john/src/dahua_fmt_plug.c I cannot find any information about how this algorithm works. I spent several hours using my google-fu, but I haven't found anything yet.

 

Here is what I have so far from reading the source code from above:

The password is hashed using MD5, then compressed using the compress method included above. I don't know C well enough to be able to translate the rest of it, but that seems to be 99% of the work. I am getting hashes in the correct format using the code posted below, but they aren't correct. The code from the JTR module expects a 16 character hash, but MD5 returns a 32 character hash. I am quite rusty on C/C++, but I'm having a really hard time understanding the flow of the C program of the JTR module, particularly with pointers, and memory allocations. I know my python file has some errors in it, because it wasn't until I started writing this that I realized it was only checking the first 16 characters of the hash, not the full 32. It doesn't matter because the compressor as written only reduces the length by 2 anyway. 

dahua_hash.py

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...