04-10-2012, 05:17 PM
Was able to obtain some OpenLDAP SSHA's during an assessment and attempted to use oclHashcat-plus to analyze them. The hashes were disregarded as invalid SSHA's or oclHashcat-plus type "111 = nsldaps, SSHA-1(Base64), Netscape LDAP SSHA". Was able to verify the validity of the SSHA's via OpenLDAP's web site in an example used to generate OpenLDAP SSHA's via various code tid bits. The below hash came from OpenLDAP's site.
OpenLDAP SSHA Hash: {SSHA}0c0blFTXXNuAMHECS4uxrj3ZieMoWImr
OpenLDAP SSHA pass: testing123
Request: Include a Base64 parser that would allow for dynamic salt lengths in OpenLDAP SSHA's to crack using oclHashcat-plus.
Thanks!
OpenLDAP SSHA Hash: {SSHA}0c0blFTXXNuAMHECS4uxrj3ZieMoWImr
OpenLDAP SSHA pass: testing123
Request: Include a Base64 parser that would allow for dynamic salt lengths in OpenLDAP SSHA's to crack using oclHashcat-plus.
Thanks!