Drupal 7 hashes
#1
Hello everyone!

I'm performing a pentest and was able to compromise a web application via SQLi. This database server was also being used for Drupal.

The latest version, 7, changed their hashing algorithm to SHA512 using this function:
http://api.drupal.org/api/drupal/include...password/7

I don't see support for Drupal 7 specifically, but I'm wondering if the generic sha512 support would work.

I'd normally just set up an instance of Drupal and try, but I'm not in front of my GPU machine....
#2
Generic sha512 won't work.
#3
(07-13-2012, 11:04 PM)gat3way Wrote: Generic sha512 won't work.

Is there a tool that will? I've looked in the usual places and have come up with nothing.
#4
It looks like 15 rounds of SHA512, prefixed with '$S$<base64 encoded number of rounds><6byte random salt>'.
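An added example, not part of the original thread: a small auditor that splits stored `$S$` strings into cost, salt and digest and flags entries that need rehashing. It assumes the layout in Drupal 7's `includes/password.inc` (one cost character holding log2 of the iteration count, an 8-character salt, 55 characters in total); the sample rows are constructed.

```python
# Alphabet of Drupal 7's base64 variant (assumption: as defined in password.inc).
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
HASH_LENGTH = 55                      # stored string is truncated to 55 characters
MIN_LOG2, DEFAULT_LOG2, MAX_LOG2 = 7, 15, 30

def parse_drupal7_hash(stored):
    """Split a stored Drupal 7 password string into its fields.

    Raises ValueError if the string is not a well-formed $S$ hash.
    """
    legacy = stored.startswith("U$")  # older MD5 hash re-wrapped during a site upgrade
    body = stored[1:] if legacy else stored
    if not body.startswith("$S$"):
        raise ValueError("missing $S$ prefix")
    if len(body) != HASH_LENGTH:
        raise ValueError("length %d, expected %d" % (len(body), HASH_LENGTH))
    if any(c not in ITOA64 for c in body[3:]):
        raise ValueError("character outside the itoa64 alphabet")
    log2 = ITOA64.index(body[3])      # cost is one character, not a raw round count
    if not MIN_LOG2 <= log2 <= MAX_LOG2:
        raise ValueError("cost %d out of range" % log2)
    return {"legacy": legacy, "log2": log2, "iterations": 1 << log2,
            "salt": body[4:12], "digest": body[12:]}

def audit(rows):
    """Return (user, finding) pairs for stored hashes that need attention."""
    findings = []
    for user, stored in rows:
        try:
            info = parse_drupal7_hash(stored)
        except ValueError as err:
            findings.append((user, "not a valid $S$ hash: %s" % err))
            continue
        if info["legacy"]:
            findings.append((user, "MD5-derived (U$ prefix), rehash at next login"))
        elif info["log2"] < DEFAULT_LOG2:
            findings.append((user, "cost 2^%d is below the default 2^%d"
                             % (info["log2"], DEFAULT_LOG2)))
    return findings

# Constructed sample rows (not real hashes): (username, stored pass column).
SAMPLE = [
    ("alice", "$S$D" + "saltsalt" + "A" * 43),   # default cost, nothing to report
    ("bob",   "U$S$9" + "saltsalt" + "B" * 43),  # wrapped legacy hash
    ("carol", "$S$5" + "saltsalt" + "C" * 43),   # minimum cost
    ("dave",  "0" * 32),                         # bare hex digest, wrong scheme
]

if __name__ == "__main__":
    for user, finding in audit(SAMPLE):
        print(user, "->", finding)
```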
#5
(07-17-2012, 05:00 PM)fuzztester Wrote:
(07-13-2012, 11:04 PM)gat3way Wrote: Generic sha512 won't work.

Is there a tool that will? I've looked in the usual places and have come up with nothing.

JtR-jumbo supports cracking Drupal 7 hashes. However, it is slow.