generating passwords in md5 or sha1 for an asp.net web.config

Quick note. In the course of updating some passwords I found a web.config file that contained clear text passwords. Passwords can be stored in cleartext, md5 or sha1 hashes as specified here. There’s surprisingly no hash generator kicking around a default system. I’ve used /sbin/grub-md5-crypt in the past but the output is crypt compatible, not a standard hash. craSH pointed out ‘openssl dgst’ which worked great. It’s normally for hashing a file, but will take input on stdin. Keep in mind that echo produces a \n by default, which affects the hash.

echo -n mypassword | openssl dgst -sha1

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.