It always confused me that people would create a random salt for a plaintext password they were about to encrypt, and somehow they were able to compare an entered password with the encrypted one and compare for similarity. As you will see from this script, what happens is that whatever you choose for a 2-character "salt" is always the same as the first two characters of the encrypted password. Therefore, all you have to do is take the plaintext password and use the _encrypted password_ as the salt, to recreate the entire encrypted password as long as the plaintext password is the same as the one that was originally entered.
my $password = 'password';
my $encrypted_password = crypt $password, 'AB';
printf "password: %s encrypted_password: %s\n", $password, $encrypted_password;
printf " crypt(password,AB): %s encrypted_password: %s crypt(password,BC): %s crypt(password,encrypted_password): %s \n",
    crypt($password,'AB'), $encrypted_password, crypt($password,'BC'), crypt($password,$encrypted_password);

(Guildenstern) Re: Understanding crypt()
by Guildenstern (Deacon) on Apr 20, 2001 at 18:12 UTC
    This is consistent with how the crypt man page describes its workings. I'm quoting from a RH6.2 system here:

    "The returned value points to the encrypted password, a series of 13 printable ASCII characters (the first two characters represent the salt itself)."

    This is also what the perl crypt docs imply as well. You can see in the sample code that the first two chars are extracted from the stored password to get the salt value. This is how crypt() has worked for a very long time.

    Guildenstern
    Negaterd character class uber alles!
      Doesn't hurt to mention it again though does it? :)

      $ perldoc perldoc
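
The store-and-verify flow discussed in this thread, written out as an added example that is not code from any of the posters. The helper names `hash_password` and `check_password` are hypothetical, the sample passwords are constructed, and it assumes the platform's crypt() still supports traditional two-character salts.

```perl
use strict;
use warnings;

# Hypothetical helper: hash a new password under a fresh two-character salt
# drawn from the traditional crypt() salt alphabet [./0-9A-Za-z].
sub hash_password {
    my ($plaintext) = @_;
    my @alphabet = ('.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z');
    my $salt = join '', map { $alphabet[ rand @alphabet ] } 1 .. 2;
    my $hash = crypt($plaintext, $salt);
    # Some modern libcs disable this scheme; fail loudly instead of storing junk.
    die "crypt() does not support two-character salts on this system\n"
        unless defined $hash && length($hash) == 13;
    return $hash;
}

# Hypothetical helper: check a candidate against a stored 13-character value.
sub check_password {
    my ($candidate, $stored) = @_;
    my $salt = substr $stored, 0, 2;    # the salt sits in the clear at the front
    my $recomputed = crypt($candidate, $salt);
    return defined $recomputed && $recomputed eq $stored;
}

my $stored = hash_password('password');    # constructed sample value
printf "stored value: %s (salt: %s)\n", $stored, substr($stored, 0, 2);
printf "correct password accepted: %s\n",
    check_password('password', $stored) ? 'yes' : 'no';
printf "wrong password accepted:   %s\n",
    check_password('passw0rd', $stored) ? 'yes' : 'no';

# Passing the whole stored value as the salt gives the same result, because
# traditional crypt() only reads the first two characters of the salt argument.
printf "full stored value as salt: %s\n",
    crypt('password', $stored) eq $stored ? 'match' : 'no match';

# The same password under two different salts yields two different stored values.
printf "AB vs BC differ: %s\n",
    crypt('password', 'AB') ne crypt('password', 'BC') ? 'yes' : 'no';
```
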
Re: Understanding crypt()
by princepawn (Parson) on Aug 10, 2001 at 19:15 UTC