03-16-2012, 12:12 AM
I'd like to see support for EPiServer hash format:
EPiServer is a CMS - and much more. Info at www.episerver.com
Runs on top of Microsoft IIS, uses Microsoft .NETs capabilities for password hashing. .NET supports the use of PBKDF2, SHA-1 and more.
Default password configuration for EPiServer 6.x installations:
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
Creating a test user with a test password:
testUser:testPassword
Gives us the following data stored into DB (before any decode etc..):
Password hash: UQgnz/vPWap9UeD8Dhaw3h/fgFA=
Salt: fGJ2wn/5WlzqQoDeCA2kXA==
JtR got support in jumbo 12 for 1.7.2 in 2008, thx to Johannes Gumbel in Sweden. At least some older code on it is available here: https://fossies.org/unix/privat/john-1.7....fmt_plug.c
Best regards,
Per Thorsheim
EPiServer is a CMS - and much more. Info at www.episerver.com
Runs on top of Microsoft IIS, uses Microsoft .NETs capabilities for password hashing. .NET supports the use of PBKDF2, SHA-1 and more.
Default password configuration for EPiServer 6.x installations:
passwordFormat="Hashed"
maxInvalidPasswordAttempts="5"
minRequiredPasswordLength="7" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"
passwordStrengthRegularExpression=""
Creating a test user with a test password:
testUser:testPassword
Gives us the following data stored into DB (before any decode etc..):
Password hash: UQgnz/vPWap9UeD8Dhaw3h/fgFA=
Salt: fGJ2wn/5WlzqQoDeCA2kXA==
JtR got support in jumbo 12 for 1.7.2 in 2008, thx to Johannes Gumbel in Sweden. At least some older code on it is available here: https://fossies.org/unix/privat/john-1.7....fmt_plug.c
Best regards,
Per Thorsheim