
KBA 135412 Hashing Algorithm???

The KBA says if you were attacked, the passwords were hashed. Don't suppose anybody knows how they were hashed or if Sophos will share that data with us? Were they salted? MD5 (I hope not but I'd bet it is)? Something better like SHA1?


I'm going to see if anybody has any PoC attacks written about this online where we can see the exfiltrated data.



  • Hi, we also investigated our Sophos XG Firewalls and found a table "view_simpleusers" where usernames and passwords are saved. The passwords are only encrypted, not even hashed (why?). I want to know which exact algorithm was used to encrypt the passwords, as for example AES in ECB mode makes it possible for the attacker to get the encryption key after guessing one (weak) password.

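The reply above turns on one property: if the stored credential is a deterministic function of the password (an unsalted MD5/SHA1 digest, or ECB-mode encryption, where identical plaintext blocks give identical ciphertext), every two accounts with the same password store the same value, so one guessed weak password reveals all accounts sharing it. The following is an added illustration written for this page, not code from the thread, from Sophos, or from the XG firewall. The standard library has no AES, so the deterministic case is modelled with an unsalted hash (the same leak applies to ECB); the account list is constructed sample data, and the record format and function names are this example's own. It contrasts that with a per-account salt and a slow KDF (PBKDF2-HMAC-SHA256), and includes the audit a defender can run over an exported credential table: group accounts whose stored value is byte-identical.

```python
import hashlib
import hmac
import os
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

# Constructed sample accounts (not real data): two users share a weak password.
SAMPLE_ACCOUNTS: List[Tuple[str, str]] = [
    ("alice", "Winter2020!"),
    ("bob", "Winter2020!"),
    ("carol", "correct horse battery staple"),
]

PBKDF2_ITERATIONS = 200_000  # work factor; raise as hardware allows


def unsalted_digest(password: str, algo: str = "sha1") -> str:
    """Deterministic storage: the same password always yields the same value.

    Models an unsalted hash; ECB-mode encryption has the same property, since
    identical plaintext blocks encrypt to identical ciphertext under one key.
    """
    return hashlib.new(algo, password.encode("utf-8")).hexdigest()


def salted_record(password: str, salt: Optional[bytes] = None) -> str:
    """Randomized storage: fresh 16-byte salt per account plus a slow KDF.

    Stored as 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>' (a format
    chosen for this example, not the firewall's).
    """
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_record(password: str, record: str) -> bool:
    """Recompute the KDF from the stored salt and compare in constant time."""
    scheme, iters, salt_hex, hash_hex = record.split("$")
    if scheme != "pbkdf2_sha256":
        raise ValueError(f"unknown scheme {scheme!r}")
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(dk.hex(), hash_hex)


def shared_secret_groups(stored: Dict[str, str]) -> List[List[str]]:
    """Audit: group accounts whose stored credential value is byte-identical.

    Under deterministic storage each group is a set of users sharing one
    password. Under salted storage the result should always be empty, because
    equal passwords still produce different records.
    """
    by_value: Dict[str, List[str]] = defaultdict(list)
    for user, value in stored.items():
        by_value[value].append(user)
    return sorted(users for users in by_value.values() if len(users) > 1)


def build_table(accounts: List[Tuple[str, str]], salted: bool) -> Dict[str, str]:
    """Build a username -> stored-credential map the two ways."""
    return {
        user: (salted_record(pw) if salted else unsalted_digest(pw))
        for user, pw in accounts
    }


if __name__ == "__main__":
    weak = build_table(SAMPLE_ACCOUNTS, salted=False)
    strong = build_table(SAMPLE_ACCOUNTS, salted=True)
    print("deterministic storage leaks:", shared_secret_groups(weak))  # [['alice', 'bob']]
    print("salted KDF storage leaks:", shared_secret_groups(strong))  # []
    print("alice verifies:", verify_record("Winter2020!", strong["alice"]))
```

Running the audit against an exported credential table answers the question the thread is asking from the defender's side: if any two accounts share an identical stored value, the scheme is deterministic (unsalted hash or ECB-style encryption) and every affected password should be treated as exposed and rotated, regardless of which algorithm was used.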
