34 lines
1.5 KiB
Plaintext
Executable File
34 lines
1.5 KiB
Plaintext
Executable File
= Intro
|
|
=======
|
|
|
|
EPiServer is a popular webbased content management system from Elektropost (http://www.episerver.com).
|
|
You can dump the password hashes using the SQL syntax "select name, salt, hash from tblSID". The tblSID
|
|
tabel stores interesting things such as usernames, salt and password hashes, but also passwords in cleartext.
|
|
If a password can be found in cleartext it is found in the password column of tblSID.
|
|
|
|
= Install
|
|
=========
|
|
|
|
Copy the epibf_X.Y-john_1.7.2.patch (where X and Y needs to be replaced with the version you downloaded)
|
|
to your john source directory, e.g. john-1.7.2/src and then run "patch -p2 < epibf_X.Y-john_1.7.2.patch" (remember the X and Y).
|
|
The patch will create a file called EPI_fmt.c, some files for SHA1 support as well as update some of johns
|
|
files in order to incorporate the patch with john.
|
|
|
|
= Usage
|
|
=======
|
|
|
|
This patch needs the format of the password file to be: <user>:<salt> <hash>. (Currently you need to include
|
|
an inital 0x of both salt and hash.)
|
|
|
|
--- Contents of an example epipasswd file ---
|
|
|
|
webadmin:0x6631F625DEC28716FC24FA3CC1B3E2055E4281F4465226905C10D3456035 0x4F25D9BD24B81D85B1F2D106037C71CD2C828168
|
|
epiuser:0x48F9BA13F54CE7AF669C76EEBC6BEA4564EBB77F1866CA5F2B297F7159C1 0xDA4260812C195025B4442C5C84E0F890122B285A
|
|
|
|
-------------- End --------------------------
|
|
|
|
You can then run "john epipasswd", the format will be autodetected.
|
|
In case you'd like to check the performance of the patch try "john --test --format:epi".
|
|
|
|
-johannes
|