Ubuntu 14.10 (Utopic Unicorn) Desktop. When people think about Ubuntu, they generally think about the desktop. The new release of Ubuntu 14.10 — while it certainly does include a new and improved desktop — saves its biggest improvements for its cloud and server versions.
On Ubuntu 12.04 I created several users and passwords, then promptly proceeded to try to crack those passwords with John the ripper. One password is very strong, but the others are in my wordlists.
John is still running, but I've got two cracked so far in about 20 minutes.
Everything I read talks about whether the salt is known or not. Take this hash for example:
The salt is:
, right? I mean, isn't it always known? So a salt really doesn't do anything but protect against using rainbow tables, right?
Also, there is this post:
According to that, a sha512 essentially cannot be cracked at all unless the password is in a wordlist. That post is about a year old, anyone have any new insights? I'm finding it difficult to find good resources about cracking hashes; all the information out there is about generating hashes and protecting passwords.
Community♦
user1616244user1616244
2 Answers
In your example the salt is YiP34XiXdXyh9fZn (base-64 encoded).
Yes, in this case salt protects only against rainbow tables.
SHA512 still secure now. Attacker need a password list.
this post is really old but i want to correct this anyway. Its not only for rainbow table attack but also for common attacks against whole databases. an attacker who capture an pw database wouldn't be so dumb and attack every hash separately. He will attack them all at once. so he has to calc for example while doing a dictionary attack every hash only one time and can then compare it with all the hashes from the db. with random salt he has to calc every hash for every pw individually. this would be slower almost by a factor of the number of hashes. salted big databases are much harder to attack then plain hash dbs.
Not the answer you're looking for? Browse other questions tagged ubuntuhashsaltpassword-hash or ask your own question.
Ubuntu 16.04.1 LTS Desktop 64-bit Ubuntu comes with everything you need to run your organisation, school, home or enterprise. All the essential applications, like an office suite, browsers, email and media apps come pre-installed and thousands more games and applications are available in the Ubuntu Software Centre. Ubuntu has always been free to download, use and share. We believe in the power of open source software; Ubuntu could not exist without its worldwide community of voluntary developers. With a built-in firewall and virus protection software, Ubuntu is one of the most secure operating systems around. And the long-term support releases give you five years of security patches and updates. Computing is for everyone regardless of nationality, gender or disability. Ubuntu is fully translated into over 50 languages and includes essential assistive technologies.