Hi.

The salt is similar to an identifier. I've heard specific algorithms use specfic salts. I could be mistaken, but I believe perl uses either 3DES or DES. The first two characters comprise the salt used when the crypt function was called initially. When you perform some action that calls the crypt function ( such as login or su ), it extracts the first two characters ( the salt ), and attempts to 're-hash' your password with the following function:

if (crypt( $data, $hashed_text) eq $hashed_text )
// additional code here.

Since you are hopefully using the same password, and since the crypt() function is using the same salt, it should create the same hashed string again. If these two conditions are true, they will match and..success!

Sample run: 
 

#!/usr/bin/perl -w
use strict;

my $data = "Perlmonks!";
$data = crypt( $data, "hj" );
print $data, "\n";

#Results in...

C:\perl>perl crypt_test.pl
hjCQi34Qt4uGE

C:\perl>

[download]

As you can see, the salt ( "hj" ) can be found at the beginning of the string.
If you wanted to incorporate this into an application, you could do something like this: 


#!/usr/bin/perl -w
use strict;

my $password;
my $salt;

print "Please enter password: ";
chomp( $password = <STDIN> );
print "Enter two-char salt: ";
chomp( $salt = <STDIN> );

$password = crypt( $password, $salt );

# Then to 'verify' the authenticity, use 
# the value of $password you obtained earlier.

print "Please enter your password: ";
chomp( my $guess = <STDIN> );
print "Imposter!" if( crypt($guess, $password) ne $password);

[download]

I hope this helps,

-Katie a.k.a. DigitalKitty

In reply to Re: Tales from the crypt() by DigitalKitty
in thread Tales from the crypt() by Cody Pendant

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.