On Thu, Jan 08, 2009 at 01:37:06PM +0100, Damien Fleuriot wrote: > ... > I was toying around with a site that proposed to hash passwords to > MD5, and comparing results with my host running FreeBSD 7.0-STABLE > > At some point I didn't get the same hash from the website and from BSD. > > On BSD: > echo -n "test'$_at_" | md5 > 5c28a8c6d799d302f3ef53afefdfc81b > > On website: > f883cdacbb478c241c51da1f67fbe9bf > > After swapping characters around I realized that echo just interprets > $_at_ (which in our case is null). Errr... no, I think you will find that what echo saw was actually a string whose md5 hash was "5c28a8c6d799d302f3ef53afefdfc81b". The "$_at_" was seen as a token by the shell, its value interpolated, and passed along to echo (which may well have been a shell builtin in any case, depending on what shell you were using). That's what escaping the "$" worked. > ... Peace, david -- David H. Wolfskill david_at_catwhisker.org Depriving a girl or boy of an opportunity for education is evil. See http://www.catwhisker.org/~david/publickey.gpg for my public key.
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:40 UTC