Search code examples
cryptographymd5freebsdhash-function

What is FreeBSD MD5 and why does it produce hashes in non-hexadecimal notation?


I am doing a hacking challenge from Hack This Site in which I found a password hash and then cracked it by brute forcing possibilities. The format that my hash cracker (John the Ripper) used was something called "FreeBSD MD5". The password and hash are the following: PW: shadow HASH: $1$AAODv...$gXPqGkIO3Cu6dnclE/sok1

My question is, doesn't MD5 normally only have the charset 0123456789abcdef (hexadecimal)? Why is this hash suddenly including a bunch of other characters?

Screenshot: enter image description here


Solution

  • This is a salted password hash:

    • $ is a field separator
    • 1 is the type (MD5)
    • AAODv... is the (plaintext) salt for the hash
    • gXPqGkIO3Cu6dnclE/sok1 is the hash coded in base64

    The salt is concatenated with the password before hashing to prevent rainbow tables: md5(salt + password)) and to verify a password, it must be prefixed with this salt prior to hashing.

    Representing the hash in base64 makes it a bit shorter than by hex digits (23 vs 32 bytes).