Reputation: 71
This is kind of a very basic question. I have searched for help regarding this but couldn't find any concrete answer to it. Therefore I am asking it specifically here.
The use case is, I want to find the weak passwords referring to the list of hashes available. For that I have to compare the hash of each known/common word with the available hash. All this is done in C++ for Unix using openssl/blowfish.h.
However, the hash of this guess word needs to be generated using the same salt that was used for the password hashes.
My question here is how can I extract the salt from password hashes. Suppose the following is my hash:
$2a$10$FTx8T5QrEbxYVe.NJ6iOhuei.V9qgl60xF8/8s7iZRDIlOl.ibDEW
What is the salt in this? Or how can I achieve the goal? Any pointer would be great!!
Thanks in Advance.
Upvotes: 1
Views: 1894
Reputation: 179779
The "salt" of a password hash function is concatenated with the password, and the resulting string is then hashed. To get back the salt, that would mean you'd need to get back the string which was hashed. Obviously, that has two major issues:
Upvotes: 1
Reputation: 26910
Just pass the password hash as the salt -- it is smart enough to extract itself. This is the convention of crypt().
See How Passwords Work in Unix, Mac OS, and Windows under Modern Unix and "BSD-style" hashing.
Note: the salt parameter of crypt() is NOT the salt. It is $algorithm$salt$MORESALTsomething, so you should never extract the salt yourself -- it is called salt for historical (DES-era) reasons.
See also Why does crypt/blowfish generate the same hash with two different salts?
Upvotes: 2
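To make the answer's point concrete, here is an added example (not code from any of the answers) that splits the question's bcrypt string into the fields crypt() reads: the algorithm tag, the cost, the 22-character salt and the 31-character digest. It also builds the "setting" prefix that crypt() actually consumes from its salt argument, which is why passing the whole stored hash works. The struct and function names are this example's own.

```cpp
#include <cctype>
#include <cstdlib>
#include <iostream>
#include <string>

// One bcrypt string split into its fields:
//   $<algorithm>$<cost>$<22-char salt><31-char digest>   (60 chars total)
struct BcryptParts {
    bool valid = false;
    std::string algorithm;  // "2a", "2b", "2y" (the two-letter variants)
    unsigned cost = 0;      // log2 of the work factor, e.g. 10
    std::string salt;       // 22 chars of bcrypt's base64 alphabet
    std::string hash;       // 31 chars, the actual digest
};

// Hash taken from the question above (input for this example)
const std::string kStoredHash =
    "$2a$10$FTx8T5QrEbxYVe.NJ6iOhuei.V9qgl60xF8/8s7iZRDIlOl.ibDEW";

// bcrypt's own base64 alphabet: '.', '/', A-Z, a-z, 0-9
static bool isBcryptBase64(const std::string& s) {
    for (unsigned char c : s)
        if (!(c == '.' || c == '/' || std::isalnum(c))) return false;
    return true;
}

// Parse a 60-character bcrypt string; on any format error valid stays false.
BcryptParts parseBcrypt(const std::string& s) {
    BcryptParts p;
    if (s.size() != 60 || s[0] != '$' || s[3] != '$' || s[6] != '$') return p;
    p.algorithm = s.substr(1, 2);
    if (p.algorithm[0] != '2' || !std::isalpha((unsigned char)p.algorithm[1])) return p;
    const std::string costStr = s.substr(4, 2);  // cost is always two digits
    if (!std::isdigit((unsigned char)costStr[0]) || !std::isdigit((unsigned char)costStr[1])) return p;
    p.cost = static_cast<unsigned>(std::atoi(costStr.c_str()));
    p.salt = s.substr(7, 22);
    p.hash = s.substr(29, 31);
    if (!isBcryptBase64(p.salt) || !isBcryptBase64(p.hash)) return p;
    p.valid = true;
    return p;
}

// The "setting" crypt() reads from its salt argument: everything up to and
// including the 22 salt chars. The full 60-char hash works too, because
// crypt() stops reading after this prefix.
std::string bcryptSetting(const BcryptParts& p) {
    return "$" + p.algorithm + "$" + (p.cost < 10 ? "0" : "") +
           std::to_string(p.cost) + "$" + p.salt;
}

int main() {
    BcryptParts p = parseBcrypt(kStoredHash);
    std::cout << "algorithm=" << p.algorithm << " cost=" << p.cost << "\nsalt=" << p.salt
              << "\nhash=" << p.hash << "\nsetting for crypt()=" << bcryptSetting(p) << "\n";
}
```

The comparison itself is then crypt(guess, setting) against the stored string, as the answer says; this example only shows what that setting consists of.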
Reputation: 70314
Isn't that the point of the salt? That you don't know what it is? So nobody can come and do what you're trying to do now?
The way I understand salt is this:
password.blowfish (or password.md5) will produce a hash for password, but it will always produce the same one. Mrun tries to find out the password by testing md5 with a bunch of known passwords from a dictionary. If you use password + salt instead, a different hash is produced and Mrun is foiled.
If you need to find the salt, you will have to have at least one known combination of password and hash. Then you can try to use brute force to figure out the salt. Good luck. Oh, and I hope you're not being evil here. Oh, and I hope the rest of the evil beings are also clueless...
Upvotes: 0