https://github.com/peppelinux/pyssha-slapd

Python SSHA hash generator and validator with debugging features
https://github.com/peppelinux/pyssha-slapd

openldap sha1 slapd ssha ssha160

Last synced: 8 months ago
JSON representation

Python SSHA hash generator and validator with debugging features

Host: GitHub
URL: https://github.com/peppelinux/pyssha-slapd
Owner: peppelinux
License: gpl-2.0
Created: 2018-01-07T16:08:44.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2020-02-11T15:10:18.000Z (over 6 years ago)
Last Synced: 2024-10-07T15:35:38.024Z (over 1 year ago)
Topics: openldap, sha1, slapd, ssha, ssha160
Language: Python
Homepage:
Size: 38.1 KB
Stars: 11
Watchers: 3
Forks: 5
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# pySSHA-slapd
Python hashlib generator born as a script to test OpenLDAP user passwords.
It supports salted:

- md5
- sha1
- sha224
- sha256
- sha384
- sha512

Introduction
------------
pySSHA-slapd is a simple SSHA string encoder e checker that's quite easy to use:
````
python3 ssha.py -p slapdsecret
{SSHA}omu7YHgg6_uqOIN_epZtfJtGo0ruwdSr
````
Usage
````
usage: ssha.py [-h] -p P [-s S] [-salt_size SALT_SIZE] [-c C] [-enc ENC] [-b]
[-prefixed] [-d D]

Usage: python ssha.py -p Password[-c SSHA hash to check]

optional arguments:
-h, --help show this help message and exit
-p P Password to encode
-s S Salt, 4 bytes in hex format, example "fooo": -s
666f6f6f
-salt_size SALT_SIZE salt lenght
-c C {SSHA} hash to check
-enc ENC Encoder to use, example: sha1 sha224 sha256 sha384
sha512
-b if {SSHA} hash is in base64 format
-prefixed if suffixed or prefixed salt
-d D Debug level from 1 to 5

````

Dependencies
------------
Python3 and hashlib

Usage examples
--------------

You can adopt a specified salt for hashing, in hex format:
````
python3 ssha.py -p slapdsecret -s 74be2629
{SSHA}w5CJCwNQk44NjTYzcMZNKbE6Bu90viYp
````

Verify if a password is valid comparing it with a SSHA hash:
````
python3 ssha.py -c {SHA1}pPUGnEBCmIa+fJy6ZTS87eEg+ylVYDqcrs6oHA== -p slapdsecret
````

Same as previous but ssha hash is in base64 format (like ldapsearch output):
````
python3 ssha.py -c e1NIQTF9dzVDSkN3TlFrNDROalRZemNNWk5LYkU2QnU5MHZpWXA= -b -p slapdsecret -salt_size 4
````

Same as the previous but with maximum debug level
````
python3 ssha.py -c e1NIQTF9dzVDSkN3TlFrNDROalRZemNNWk5LYkU2QnU5MHZpWXA= -b -p slapdsecret -d 3 -salt_size 4

[sshaSplit debug]
ssha_password: {SSHA}w5CJCwNQk44NjTYzcMZNKbE6Bu90viYp
salt: 74be2629
payload: 0b0350938e0d8d363370c64d29b13a06ef

[checkPassword debug]
ssha_password: {SSHA}w5CJCwNQk44NjTYzcMZNKbE6Bu90viYp
created_password: {SSHA}w5CJCwNQk44NjTYzcMZNKbE6Bu90viYp
salt: 74be2629
password: slapdsecret

{SSHA} Check is valid: True
````

select your preferred encoder
````
python3 ssha.py -p slapdsecret -s 74be2629 -enc sha512
{SHA512}4gm2Ep0Nklb8pkss9zIs+t6/BGaGn2QYphl3UeAYuBBNW/hj8glu4jUb7JPb4LVWdCv+g0WoyYUB9VWVajQpjHS+Jik=
````

without salt
````
python3 ssha.py -p ciao -d 3 -salt_size 0 -enc sha512
````

OpenLDAP use a 8byte lenght salt, you can also change this value with **-salt_size** option.

Resources
---------
- https://tools.ietf.org/html/rfc3174
- https://github.com/openldap/openldap/blob/master/libraries/liblutil/sha1.c
- https://github.com/openldap/openldap/blob/master/contrib/slapd-modules/passwd/sha2/README

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/peppelinux/pyssha-slapd

Awesome Lists containing this project

README