iSeries (AS/400) Database File: password encryption_问答_开发者

iSeries (AS/400) Database File: password encryption

开发者 https://www.devze.com 2023-03-26 20:52 出处：网络

I am helping with a project in which an old software system on an iSeries is having a brand new .NET UI applied to it.It\'s going well... except...

I am helping with a project in which an old software system on an iSeries is having a brand new .NET UI applied to it. It's going well... except...

In order to allow users to login and maintain compatibility with the existing software installation, we need to figure out what encryption/hashing method the previous vendor was using without access to their source code.

I have a file with an ID and Password开发者_运维知识库 column. The password column appears to contains only 16 characters per record, all binary.

Part of the previous vendor system was written in native green screen on the 400, and part of it was written in Microsoft ASP.Net.

What type of encryption or hash would be:

Used by an AS/400 or iSeries Green Screen app, and
Used by a Microsoft .NET app, and
Output a consistent 16 binary bytes, regardless of input length

Pointers much appreciated. Thanks!

There are many built-in and third party encryption schemes for the i. Your best bet is to find the API that the vendor uses in their applications or ask them directly. A well-designed application would have that log-in code in one spot.

Note: I have dealt with enough vendors to know that what I am saying is like asking you to move the Eiffel Tower 2 inches to the left.

First port of call is the system manual for the old system. After that contact the supplier, and assuming you paid for support (you did pay for support, didn't you), get their technical support people to answer your question.

If that doesn't get you anywhere, you have to start digging. Sixteen characters is 128 bits, so you probably have a 128 bit hash of something. Most likely MD5, especially if the original code dates from about 1991 to 1996.

Next you need to decide if it is adding a salt to the password before hashing it. Create two new user accounts on the old system with different usernames and the same password. Say "user1/password" and "user2/password". Now look at the password file and locate the two new entries. If the two hashes are the same then no salt was used, and you probably have a simple hash of the password. If not then try the MD5 hash of simple combinations of the username and password:

user1password
passworduser1
user1:password
password:user1
etc.

If one of these works then you have solved it. If not then you are going to spend a very long time building Rainbow Tables and all sorts of other cryptanalytic stuff.

If it gets to that it might be easier to just put a network sniffer onto your network where it hits the old system so you can read your users' passwords before they get hashed. For additional certainty check for the "You logged in correctly" message going back the other way before you record the password. They might mistype it just at the wrong time.