I am using an NPM package called Lastpass... it decrypts most of the info of the Lastpass vault, but not the name, notes, username and password.
Strings look like this:
p://sn',
notes: 'qS�\r����Xuc�\u0013��L��n����cB�a8���\u0012/�ܰ\u0000��`y�\t�^*���\tF���]��\u001b.�/�俷a擘,9{�3\u001f�0��\n�\u0012O�B�ٸ�\u001e�%2\u0006�JvP�]�\u000b>����\u0017c\rQ0$7\u0003���(�O\u000f�(�/H�~#�Q�\u0011\u001a��Y�\u0013N��?9�ٝ��ͧ{X��}XdI�k\r�����G�ƈLJ�B\u001d �\u001f�=��OM�\u00056\u000e��9�WCflX\bc�3����\u0002FR\u0017�.�B�\u0013\u0013���b1�h�#���]\u0019�\f>����Cx\u0002w��X�G\u0016�h#\u001c��C)�\u00030��V���\tG^\u001a�o���|\u0004�TC9�&�t.RBw����\u0018�ɪR%��#�
I can see some Unicode chars but I really dont know what encryption this is using... I hope it's nothing custom undecryptable :(
If you do not know the encryption key you will not be able to decrypt the encrypted data, it is that simple. Further the encryption key is not the password but derived from the password with a key derivation function.
Related
I am trying to take a plaintext password and hash it for comparison to password hashes stored in FreeBSD's /etc/master.passwd. My goal is to have a node.js program able to authenticate against the master.passwd database using existing account credentials.
I've set up a FreeBSD account, called test1. I gave it a password of "password". Looking at master.password, I see this in the password field:
$6$nEIifU2XZ9VDx3l5$RUW0Udy60Hon9OsoTAz8DcH0uvZ4E3p5CXFScrC694EF1Cpkf8/5GUtC750NZXnMFYZsMlBZE52INFlBUvWMb0
My understanding is that the $ characters act as delimiters for three fields:
The hash algorithm (6 being SHA512)
The salt, base64 encoded.
The salted password hash, base64 encoded.
I tried to replicate the hashing algorithm in Node.js like this:
const crypto = require("crypto");
let passwordPlain = "password"
let salt64 = "nEIifU2XZ9VDx3l5"
let salt = Buffer.from(salt64, "base64");
let passwordHashed = crypto.scryptSync(salt, passwordPlain, 64);
let passwordHashed64 = passwordHashed.toString('base64');
console.log(`$6$${salt64}$${passwordHashed64}`);
I would have expected to see my plain-text password of "password" hashed with the salt and displayed to match what's in master.password. What I got was very different.
$6$nEIifU2XZ9VDx3l5$Y9/0OCikTExQlo0lLp5FVK6DuANVx7BOXZ/spLvTyFvJstUVpJGeanqE+U6Uca63PagSiGNDfMbg35MpTUT/dQ==
I've tried passing the salt without base64 decoding. I've tried including the $ delimiters as part of the salt. I even tried Hmac instead of scrypt. Nothing works.
I'm beginning to wonder if it's not base64 encoded. The document that suggested it was is fairly dated, mentioning only MD5 hashing. Also, I would expect to see at least some base64 padding with equal signs in my master.passwd and I don't. Finally, I came across an example on the FreeBSD website that shows a password hash with a dot in it, and as far as I know that's not part of the base64 set of characters. (Only letters, digits, and + /)
I'm also thinking about Node.js scrypt() vs. FreeBSD crypt(). It was the closest thing I could find and when I use the default key length of 64 and remove the two padding characters, the base64 encoded length is a perfect match for the length of what's in master.passwd. But still, the hashes are very different.
I'm hoping someone can shed some light on things as I have come to the limit of my internet searching skills on this one.
Links to reseached pages:
https://stackoverflow.com/questions/34810547/what-is-freebsd-md5-and-why-does-it-produce-hashes-in-non-hexadecimal-notation?r=SearchResults&s=1|51.4889
https://www.freebsd.org/doc/handbook/security-intro.html
sha512crypt-node is a NodeJS implementation of the SHA512-based crypt implementation. The following code provides the desired hash:
const crypt = require('sha512crypt-node')
const hash = crypt.b64_sha512crypt('password', 'nEIifU2XZ9VDx3l5')
console.log( hash ) // $6$nEIifU2XZ9VDx3l5$RUW0Udy60Hon9OsoTAz8DcH0uvZ4E3p5CXFScrC694EF1Cpkf8/5GUtC750NZXnMFYZsMlBZE52INFlBUvWMb0
Further usage examples can be found here.
sha512crypt-node and also the SHA512 part of the FreeBSD implementation of crypt are based on the algorithm described here, see also [1][2].
crypto.scrypt (or crypto.scryptSync) from NodeJS is based on the scrypt algorithm described here, see also [3][4]. Ultimately, these are different algorithms, so that matching hashs cannot be expected.
This article here compares various algorithms including scrypt and the SHA512 part of crypt and should be of interest to you, especially with regard to security.
The task in front of me is to take a user supplied plain-text string (i.e. a password), and turn it into something that can be inserted into /etc/shadow as the hashed password string such that a user could then log in with the password originally supplied to generate the hash. This is a very common thing that we (re)solve over and over in the sysadmin world. There are a myriad of command line utils for doing this.
In this specific case, however, my constraint is that I need a pure Go solution that I can use in multiple contexts (a cli tool, an api, etc). My first attempt was just to use the bcrypt library. At a glance it seemed to possess the attributes I required. It's pure Go, it's super simple to use (bonus), and it generates output that looks about like what I was after ... but it didn't work. The output resulting from use of this library cannot be (for example) pasted into /etc/shadow as a user's password and then the user successfully able to log in with the original password.
I'm just wondering if anyone has run across this need in their day to day and solved it, who is willing to share their experiences and (gasp) code? I'm mainly wondering if there's a library targeting this approximate use-case someone would recommend? (my google fu may just have 'rona).
I'm sharing this here because the first thing I tried didn't work, and since I publicly asked, I felt it was fair to also publicly share the solution. This is a solution, specific to my situation. I'm not proclaiming it to be the solution, or that there aren't better solutions (please post those!). For my specific situation, here's what I came up with ... [EDIT: please note that user Marc suggested looking at this library in a comment above while I was composing this. Thank you, Marc, my fu is feeling better apparently]
As stated, my first attempt was just to use the bcrypt library, but it didn't work. On closer examination, I found that bcrypt only output in one format (i.e. uses one algorithm for hashing), which is apparently NOT compatible with the password system in Linux (at least not my particular distro). So while the output generally looked the way it should, the detail was:
bcrypt gives me something like: $2$10$sdfUILYhjd.HEdhjsdfgjhfdgjh.HEWjhndcjv
In that first field ($2), my distro of Linux does not support type $2 apparently (?) (widely supported ones are $1, $5, $6 (i.e. md5, sha256, and sha512)). There didn't seem to be a way for me to specify a different algorithm in the bcrypt go library. So, I cast about for other approaches/solutions. What I arrived at was:
package main
import (
"fmt"
"math/rand"
"os"
"time"
"github.com/tredoe/osutil/user/crypt/sha512_crypt"
)
func encryptPassword(userPassword string) string {
// Generate a random string for use in the salt
const charset = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
seededRand := rand.New(rand.NewSource(time.Now().UnixNano()))
s := make([]byte, 8)
for i := range s {
s[i] = charset[seededRand.Intn(len(charset))]
}
salt := []byte(fmt.Sprintf("$6$%s", s))
// use salt to hash user-supplied password
c := sha512_crypt.New()
hash, err := c.Generate([]byte(userPassword), salt)
if err != nil {
fmt.Printf("error hashing user's supplied password: %s\n", err)
os.Exit(1)
}
return string(hash)
}
This function returns strings that look like:
$6$tZeuYPZ3$3mj70WOprJj5ytFFzC8gUFYk7eymQvaR4lDg5C0WzwBAMupRAan7BaC6EAbL9Eiyi2GZR6PQIQQa.y6kZLqh6
which you can simply paste directly into /etc/shadow or supply to an installer as a hashed password (kickstart, cloud-init, etc) and go about your business. In my case, I'm writing a library function for an application that I can call from a command-line utility or from an api service that in turn supplies that hashed string as a parameter to cloud-init.
HTH others who may find this in the future.
In the moment I'm struggling a little bit with the generation of HMAC for Amazon MWS.
I thought I understood how it works.
With the Scratchpad I generated a request. Scratchpad shows the string to sign and also the SHA 256 HMAC and the Base64 HMAC.
The string to sign consists of 4 lines like it's described in the docu.
There are several Onlineconverter for HMAC. I tried:
https://www.freeformatter.com/hmac-generator.html
https://codebeautify.org/hmac-generator
When I convert the string to sign which Scratchpad generated (the 4 lines), I get an other SHA 256 HMAC then Scratchpad generated.
Also there are several Onlineconverter for Base64. I tried:
https://www.freeformatter.com/base64-encoder.html
https://www.base64encode.org
When I convert the SHA 256 HMAC which Scratchpad generated, I get an other Base64-String then Scrathpad generated.
This confuses me. What I don't understand?
Other point:
Later I think I want to use GET and not POST. Do I get this right, that the string to sign for GET also has to be in 4 lines and not in one line as it would be executed later? That's how I understand the docu.
I used these links:
http://docs.developer.amazonservices.com/en_US/dev_guide/DG_QueryString.html
http://docs.developer.amazonservices.com/en_US/dev_guide/DG_SigningQueryRequest.html
https://mws.amazonservices.com/scratchpad/index.html
To answer my own questions.
Generate SHA256 with an Onlineconverter:
I suppose the Problem is the LF. The Onlineconverter maybe have problem with it. Maybe they use CRLF. Better don't try to check your SHA256 with Onlineconverters.
Generate base64 with an Onlineconverter:
The SHA256 Scratchpad shows is not the value you convert with base64. You have to convert the Hex-Value of the SHA256.
Query to sign with GET:
If you want to use GET, the query to sign has to look like the query to sign for POST. Also the four lines. Only swap POST with GET.
Hi All
I want to convert the string (taken as input from user) into a secretkey.I am coding in J2ME.The algorithm used is blowfish.
The Java cryptography APIs are not available in Java ME.
You'll need to download the Bouncy Castle lightweight cryptography API, which supports Java ME. You can then extract the classes you need from there. I found a code example here that should help you get started.
About charsets: Java ME does indeed support UTF-8, so that's always a safe bet. And a good idea, yes, although you'll see a lot of code that doesn't specify a charset.
Edit: Please see Eric's answer. This is not available in J2ME.
To convert a string to a key, you can do:
String strkey = "My key goes here";
SecretKeySpec key = new SecretKeySpec(strkey.getBytes("UTF-8"), "Blowfish");
I am trying to decrypt a hashed string using
Security::cipher($strHashedPassword, Configure::read('Security.salt'));
doesn't seem to be giving the desired result. Does anyone have any experience with this? From the docs it looks like this should work.
Please note that you cannot decrypt a hashed string. Hashes are irreversible by definition. They can't be decrypted because they're not encrypted to begin with, they're hashed. If you're really trying to decrypt a password hash (as produced by the AuthComponent?) you're out of luck.
Security::cipher can only decrypt strings that it encrypted as well, in which case you'd be talking about a cipher text, not a hash.
If you can demonstrate that this doesn't print "test":
$cipherText = Security::cipher('test', Configure::read('Security.salt'));
echo Security::cipher($cipherText, Configure::read('Security.salt'));
you have found a bug in Cake, most likely the one linked to by #infinity. Otherwise, you're trying something impossible.
Hi have a look at CakePHP forum:
http://cakephp.lighthouseapp.com/projects/42648/tickets/471-securitycipher-function-cannot-decrypt