in reply to What kind of encryption is this?

When I tried crypting the password with the salt set to 1y, I got 1yl9nR3IDmrqY. So it's probably not crypted.

Could it be base64? Basic HTTP authentication uses Base64 encoding to obscure password information. Of course this doesn't seem work either. I tried to use this script to unencode the string. No luck, I got a bunch of high ascii junk.

Mostly useless, huh? Are you sure that you haven't got another plaintext password there?

Update:

crazyinsomniac, which assumption? I guessed the salt was 1y because the standard format for crypted output is two characters of salt, followed by 11 characters of hash (SSXXXXXXXXXXX). The mystery string is 1yIM9F71yIM9v, which just happens to be 13 chars long. By making the assumption and testing it, I was able to determine that the mystery string is not a crypted form of the plaintext password we were provided.

Assumptions have their uses, when they are recognized as such. The problem with assumptions comes from not knowing what your assumptions are. Ask any mathematician.


TGI says moo

Replies are listed 'Best First'.
(crazyinsomniac:don't assume) Re: (2) What kind of encryption is this?
by crazyinsomniac (Prior) on Mar 20, 2001 at 02:38 UTC
    Well that's a pretty fscked up assumption, all such assumptions are.

    Who knows what the salt is, maybe it's static, you don't know.
    update:
    Heh, you're joking right? That is even more crazy. There is no standard, just because all lamers do it by default upon suggestion of the pod, don't make it standard. Anyway the standard you speak of also stores the plaintext password for so those dummies who forget it aren't lost forever(i mean apps that use that standard not crypt).

     
    ___crazyinsomniac_______________________________________
    Disclaimer: Don't blame. It came from inside the void
    perl -e "$q=$_;map({chr unpack qq;H*;,$_}split(q;;,q*H*));print;$q/$q;"

[reply]

In Section Seekers of Perl Wisdom