0

I don't know what's algorithm of storing password in /etc/shadow in Linux.
I tested via the following script via python:

import hashlib
message = b"123"

md5_hash = hashlib.md5(message).hexdigest()
sha1_hash = hashlib.sha1(message).hexdigest()
sha256_hash = hashlib.sha256(message).hexdigest()
sha384_hash = hashlib.sha384(message).hexdigest()
sha512_hash = hashlib.sha512(message).hexdigest()

print(f"MD5: {md5_hash}")
print(f"SHA-1: {sha1_hash}")
print(f"SHA-256: {sha256_hash}")
print(f"SHA-384: {sha384_hash}")
print(f"SHA-512: {sha512_hash}")

But I did't see my password.My password is 123.

  1. Does shadow store as HASH? if yes I should discard getting password.
  2. If password doesn't store as hash, How can I get it?
Improve this question
2
  • Unfortunately, yes, your password hashed with scrypt. Commented Feb 22 at 6:32
  • This is relatively good question, upvoted, but we need more information on why you need this, what you have tried, etc. Please avoid downvotes, and fill the gaps ASAP. Cheers Commented Feb 22 at 7:52

1 Answer 1

Reset to default
1

In the beginning of Unix, there were no hash algorithms. It was noted that if you encrypted the password (with DES, only thing available) using a fixed key, it could be decrypted. But if you encrypt 0 with the password, that operation is not easily reversible. The next problem was to avoid having two passwords produce the same encoded form, so something known as a "Salt" was introduced into the mix. The salt is then part of the encoded password. An encoding more compact than hex is used. This condition lasted for quite some time.

Then cryptographic hashes were developed. Many of them are now usable in password hashes. To distinguish between the hashes, a prefix is typically added to the encoded string, like "$1$", "$6$" and "$f$". The salt is still used, as is the compact encoding. With a hash, the salt is hashed with the password, possibly through multiple steps.

What this boils down to is that you aren't going to get from a hash of your password to what you find in /etc/shadow or /etc/passwd. If you want to know all the variants, you might try looking in the documentation (or even source) of a password cracker.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.