Klaus Trainer has just posted a short article on how to write a short program that checks usernames and passwords on a Linux machine.
At first I was confused about why it works, since there was no salt. But in fact it’s there, inside the entry in /etc/shadow.
Here’s the format:
$<HASHING-METHOD>$<SALT>$<HASHED-PASSWORD (base64)>
So for example if we have a row like this:
$6$qUgyc2fC$hljmJlJU7TV4gm8GDZd51eZnxNgWp3rUJ49kSblRLssLqxux5K.xSIcIn2QjL27jXOREBfXiB1WES3SEIPHk10
Then the 6 means that SHA512 was used, and qUgyc2fC is the salt.
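To make the layout concrete, here is an added example (not code from Klaus Trainer's article) that splits such a field into its parts and shows that the prefix needed to recompute the hash is already stored with it. The names parse_shadow_hash, check_password and ShadowHash are made up for this sketch; it only handles the MD5, SHA-256 and SHA-512 methods, which share this layout and may carry an optional rounds=N parameter.

```python
import hmac
import re
from typing import NamedTuple, Optional

# Method ids that share the $id$[rounds=N$]salt$hash layout, see crypt(5).
METHODS = {"1": "MD5", "5": "SHA-256", "6": "SHA-512"}
# crypt(3) encodes with its own 64-character alphabet: . / 0-9 A-Z a-z
FIELD = re.compile(
    r"^\$(?P<id>[^$]+)\$(?:rounds=(?P<rounds>\d+)\$)?"
    r"(?P<salt>[./0-9A-Za-z]{0,16})\$(?P<digest>[./0-9A-Za-z]+)$"
)

class ShadowHash(NamedTuple):
    method: str
    rounds: Optional[int]  # None means the algorithm's default
    salt: str
    digest: str
    setting: str           # everything crypt(3) needs to recompute the hash

def parse_shadow_hash(field: str) -> Optional[ShadowHash]:
    """Parse the password field (second column) of an /etc/shadow line.

    Returns None for "*" or "!"-prefixed fields, which no password matches."""
    if field[:1] in ("!", "*"):
        return None
    m = FIELD.match(field)
    if m is None or m["id"] not in METHODS:
        raise ValueError("unsupported or malformed hash field")
    rounds = int(m["rounds"]) if m["rounds"] else None
    setting = field[: m.start("digest")]  # e.g. "$6$qUgyc2fC$"
    return ShadowHash(METHODS[m["id"]], rounds, m["salt"], m["digest"], setting)

def check_password(password: str, field: str) -> bool:
    """Recompute the hash with the stored setting; compare in constant time."""
    import crypt  # Unix only; removed from the standard library in Python 3.13
    parsed = parse_shadow_hash(field)
    if parsed is None:
        return False
    candidate = crypt.crypt(password, parsed.setting)
    return candidate is not None and hmac.compare_digest(candidate, field)

# The example row from the post.
EXAMPLE = ("$6$qUgyc2fC$hljmJlJU7TV4gm8GDZd51eZnxNgWp3rUJ49kSblRLssLqxux5K"
           ".xSIcIn2QjL27jXOREBfXiB1WES3SEIPHk10")
```

check_password never asks the caller for a salt: the setting it passes to crypt comes straight out of the stored field, which is why a checker can work without one being supplied separately.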