Decrypt password?



  • Hi,
    I was wondering if someone could assist me on this dilemma im having?
    So I have been organizing the passwords for the users on pfSense and completely lost the excel format, recently my boss asked me to pass the list and im totally screwed. I could change the passwords on each user on pfSense for the OpenVPN but then it was obvious i lost the passwords. I have a backup config but not sure how to decrypt  the password?

    Thank you

    user>
    			<scope>user</scope>
    			<password>$1$TUJn4yIp$LWkgW6CjauYopfo8WWJAF.</password>
    			<md5-hash>0a8ad6d6c989c01d19eff2b6cd10c3b0</md5-hash>
    			<nt-hash>3839303064653065326232623737363330323438313864383933383232346337</nt-hash>
    
    


  • Short answer is that you don't decrypt the passwords. The stored passwords are hash values of the plain text passwords and the hashing method used is a one-way function. If it was possible to decrypt them we would have a real problem in our hands.


  • Netgate

    Running the hashes through something like john the ripper might get some of them, but that is more an exercise to find people who have weak passwords that should be changed anyway.


  • Rebel Alliance Global Moderator

    "recently my boss asked me to pass the list and im totally screwed. "

    pass the list??  What does that mean?  So you have a list of all the users passwords, and they can not change them?  To be honest, better that you lost that list.  Someone that has that list could pretend to be any user, etc.  Not really a good idea to keep such a list, I wouldn't be real happy if I was the user, etc.



  • johnpoz: by "my boss asked me to pass the list" I suspect he meant "pass on", as in 'give a copy to'.  English phrasal verbs can be confusing when it's your second language.

    I fully agree keeping a copy of passwords in Excel is a horrible idea.  Other horrible ideas include using short passwords and using md5. :)

    killmasta93: I suggesting reading up on the following topics:
    https://en.wikipedia.org/wiki/Dictionary_attack
    https://en.wikipedia.org/wiki/Salt_(cryptography)
    https://hashkiller.co.uk/md5-decrypter.aspx


  • Rebel Alliance Developer Netgate

    If you were keeping passwords in an Excel spreadsheet, you have a lot bigger problems than needing to reverse a password from a hash.

    Change all your passwords immediately and if you must store them, store them in a secure password vault program such as KeePass2.



  • You're probably screwed.

    As mentioned above; you could trying like John the Ripper or hashcat, but because they're hashes you will be cracking them not decrypting them.

    My advice, admit your mistake to your boss and reset the passwords.  Also, don't store passwords in an Excel spreadsheet.  Use a password manager, like KeePass.



  • Thanks for the reply, i just ended up saying that the excel file was damaged on my computer and changed the passwords for each user again, just got a slap on the wrist :)

    Thank again

    :P



  • Hi.

    Maybe off topic: One PhP function for encrypt/decrypt passwords, without the KEY is not easy decrypt it :)

    
    function fenydesencripta($vcadena, $modo) {
      //AES-256 / CBC / ZeroBytePadding - ref http://php.net/manual/es/function.mcrypt-encrypt.php
      $key = pack('H*', "dcb04c7d113a0cd7b53763052cef08cc55ace029fddbae4e1d427e2cfb2a10a2");
      $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
      $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
      if ($modo) {
        // $modo = true => encrypt // encripta
        $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $vcadena, MCRYPT_MODE_CBC, $iv);
        $ciphertext = $iv . $ciphertext;
        $ciphertext_base64 = base64_encode($ciphertext);
        return $ciphertext_base64;
      } else {
        // $modo = false => decrypt // desencripta
        $ciphertext_dec = base64_decode($vcadena);
        $iv_dec = substr($ciphertext_dec, 0, $iv_size);
        $ciphertext_dec = substr($ciphertext_dec, $iv_size);
        $plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);
        return $plaintext_dec;
      }
    }
    
    

    and one way to implement:

    
    //…
    foreach ($a_hosts as $hostent):
    ?>
    
    

    Regards