1

I would like to extract the login and password from this text, but the password is probably encrypted with MD5?

This Text "String":

username="Domain\ik_r.test",realm="Digest",nonce="+Upgraded+v16223a53d44f99beb7dfaf10bf5738392669956ca1a21d101e949e262b02c7a7e268e9699b5824cd55c05d7bb900059b7b8985caa00174ace",uri="/Service1.svc",cnonce="+Upgraded+v1e077752581e4417aaefb76c90bca4fef0d9e033d4cb882c74cc04f2e95704b31",nc=00000001,algorithm=MD5-sess,response="6acc0f7e891fe4daa4174da35f098764",qop="auth",charset=utf-8,hashed-dirs="service-name,channel-binding",service-name="HTTP/test.eu",channel-binding="05439c3422ef9779e232067358231137"

Result:

string login = "Domain\\ik_r.test";
string password = ?;

Example: https://en.wikipedia.org/wiki/Digest_access_authentication

Rafał Developer
  • Well for a start, that code wouldn't even compile... and then when it is, that's not Base64. Why would you expect that to work? Where do you think you have Base64 data? – Jon Skeet Nov 17 '15 at 09:54
  • can you show your code? credentials.ToString(); – Francis Saul Nov 17 '15 at 10:05
  • @Jon Skeet I took this example code because I need to prepare basic authentication for WCF. – Rafał Developer Nov 17 '15 at 10:06
  • @FrancisSaul this code is automatically via www. User input login and password and I get this -> username="Domain\ik_r.test",realm="Digest",nonce="+Upgraded+v16223a53d44f99beb7dfaf10bf5738392669956ca1a21d101e949e262b02c7a7e268e9699b5824cd55c05d7bb900059b7b8985caa00174ace",uri="/Service1.svc",cnonce="+Upgraded+v1e077752581e4417aaefb76c90bca4fef0d9e033d4cb882c74cc04f2e95704b31",nc=00000001,algorithm=MD5-sess,response="6acc0f7e891fe4daa4174da35f098764",qop="auth",charset=utf-8,hashed-dirs="service-name,channel-binding",service-name="HTTP/test.eu",channel-binding="05439c3422ef9779e232067358231137" – Rafał Developer Nov 17 '15 at 10:09
  • Again, where do you think you have base64-encoded data? Nothing you've shown so far is base64-encoded. It's really unclear what you're trying to achieve or where you think base64 encoding comes into it. – Jon Skeet Nov 17 '15 at 10:19
  • @Jon Skeet Ok. I understand this text is wrong. It's not base64. What I want to achieve? I would like to get from this text string login = "Domain\ik_r.test"; and string password="" but password in this text I can't find, maybe it is encrypted? It's not my code. – Rafał Developer Nov 17 '15 at 10:28
  • Why would you expect to be able to get the user's password? That would be pretty horribly insecure, wouldn't it? You should be given proof that the user is who they say they are, but that *doesn't* mean getting their plaintext password. I suggest you delete this question and think very carefully about what you're trying to achieve, before writing a new question about it if necessary. – Jon Skeet Nov 17 '15 at 10:31
  • [HTTP digest authentication](http://stackoverflow.com/a/2384280/243245) relies on the server having the plain text password. Your best bet would be to look on the server: you're not reasonably going to recover it from the MD5 hash. – Rup Nov 17 '15 at 10:48
  • @Rup Great example https://en.wikipedia.org/wiki/Digest_access_authentication but how can I decode the password? – Rafał Developer Nov 17 '15 at 11:00
  • You can't. The only way you could would be to try every possible password in the HA1 calculation on that page until you get a hash match, and that's a deliberately expensive computation. You'll need to find a different way to recover the password. – Rup Nov 17 '15 at 11:03
  • @Rup Is it possible to check this Password "x676sjsnjss7xxx" is part of this response="6acc0f7e891fe4daa4174da35f098764" return true or false? – Rafał Developer Nov 17 '15 at 11:08
  • Possibly, following the steps on the Wikipedia article. You'd also need the request part to hash (HA2) which isn't above. But it would be simpler to try logging into the HTTP endpoint with a web browser that supports digest authentication (probably all of them) if you just want to verify the password. – Rup Nov 17 '15 at 11:11
  • @Rup can you write your comment as an answer? I would like to accept it – Rafał Developer Nov 17 '15 at 11:17

2 Answers

2

As you linked in the question, that's HTTP digest authentication. The response value is constructed from an MD5 hash of MD5 hashes; in your case (MD5-sess, auth):

  • a hash of "user:realm:password", then fed into a second hash with the two nonce strings in the request
  • a hash constructed from the HTTP request line
  • finally both of these hash outputs separated by one of the nonce strings is hashed again to construct the response.

The only way to recover the password from the response hash would be to repeat the process with every possible password until you find one that matches; since the request is constant that's three MD5 hashes per candidate password. This is likely too computationally expensive to actually do.

If you really need this password, and can't just change the password on the account or ask someone who knows, your best bet would be to try and recover it from the server: at worst, the server will need to have the very first hash of "user:realm:password" stored which would be only a single hash to brute-force to recover the password from. If you're lucky the server will have the password in plain text so that it can construct this hash for any arbitrary realm string.

Finally given your user has a 'domain' part this is probably a Windows account? There are tools out there which will help you recover or reset a Windows account password, although I don't know if they require domain admin access anyway, and can't recommend one.

Rup
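
The computation described in this answer, written out as a server-side check of one known password against a received header (an added example, not part of the original answer). It goes slightly beyond the MD5-sess case by also handling plain MD5, so it can be checked against the published RFC 2617 sample; the `EXAMPLE\alice` request and all function names are constructed for illustration.

```python
import hashlib
import hmac
import re

# name=value pairs; a value is a quoted string or a bare token.
_PARAM = re.compile(r'([\w-]+)=(?:"((?:[^"\\]|\\.)*)"|([^,\s]*))')

def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()

def parse_digest_params(header: str) -> dict:
    """Split a Digest header into fields. Backslashes inside quoted values
    are kept verbatim (assumption: no quoted-pair unescaping is needed)."""
    return {name.lower(): quoted or token
            for name, quoted, token in _PARAM.findall(header)}

def expected_response(p: dict, method: str, password: str) -> str:
    ha1 = md5_hex(f"{p['username']}:{p['realm']}:{password}")
    if p.get("algorithm", "MD5").lower() == "md5-sess":
        # MD5-sess: the first hash is hashed again with both nonces.
        ha1 = md5_hex(f"{ha1}:{p['nonce']}:{p['cnonce']}")
    ha2 = md5_hex(f"{method}:{p['uri']}")  # built from the request line
    return md5_hex(f"{ha1}:{p['nonce']}:{p['nc']}:{p['cnonce']}:{p['qop']}:{ha2}")

def verify(header: str, method: str, password: str) -> bool:
    """Server-side check: does `password` reproduce the client's response?"""
    p = parse_digest_params(header)
    if p.get("qop") != "auth":
        raise ValueError("only qop=auth is handled in this example")
    want = expected_response(p, method, password).encode()
    return hmac.compare_digest(want, p["response"].lower().encode())

def make_header(fields: dict, method: str, password: str) -> str:
    """Client side: attach the response a client holding `password` sends."""
    signed = dict(fields, response=expected_response(fields, method, password))
    return "Digest " + ", ".join(f'{k}="{v}"' for k, v in signed.items())

# Published RFC 2617 sample (plain MD5, GET, password "Circle Of Life").
RFC_SAMPLE = ('Digest username="Mufasa", realm="testrealm@host.com", '
              'nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", '
              'qop=auth, nc=00000001, cnonce="0a4f113b", '
              'response="6629fae49393a05397450978507c4ef1"')
# Constructed MD5-sess fields in the shape of the question's header.
SESS_FIELDS = {"username": "EXAMPLE\\alice", "realm": "Digest",
               "nonce": "n-constructed-1", "uri": "/Service1.svc",
               "cnonce": "c-constructed-1", "nc": "00000001",
               "algorithm": "MD5-sess", "qop": "auth"}
```

The HTTP method has to be supplied separately because it is not carried in the header fields, which is why the string in the question is not enough on its own to rebuild HA2.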
1

You can't get the password from the data provided. You should find another way to authenticate.

simonalexander2005