JNDI LDAP如何解码SSHA密码

Question

我使用apacheds(作为LDAP服务器)，并使用apache directory studio向其中插入条目。对于userPassword属性，我只选择了纯文本。但是，apache directory studio正在对其进行加密。我不知道为什么会这样。现在，用于检索该条目的java程序将为我提供一个ssha加密的密码。有没有人能帮我破解它？

    import java.util.Hashtable;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.Attribute;
    import javax.naming.directory.Attributes;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;

    class GetAttrs {
    public static void main(String[] args) {

    // Set up the environment for creating the initial context
    Hashtable<String, Object> env = new Hashtable<String, Object>(11);
    env.put(Context.INITIAL_CONTEXT_FACTORY,
      "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://localhost:10389/o=mojo");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "secret");

    try {
    // Create initial context
    DirContext ctx = new InitialDirContext(env);

    // Specify the ids of the attributes to return
    String[] attrIDs = { "cn", "sn", "uid", "userPassword" };

    // Get the attributes requested
    Attributes answer = ctx
      .getAttributes("cn=Harish Koppala, ou=Users", attrIDs);

    // Print the answer
    printAttrs(answer);

    // Close the context when we're done
    ctx.close();
    } catch (Exception e) {
    e.printStackTrace();
    }
    }

    static void printAttrs(Attributes attrs) throws Exception{
    if (attrs == null) {
    System.out.println("No attributes");
    } else {
    /* Print each attribute */
    try {
    for (NamingEnumeration ae = attrs.getAll(); ae.hasMore();) {
      Attribute attr = (Attribute) ae.next();
      System.out.print(attr.getID()+" : ");
      /* print each value */
      if("userpassword".equalsIgnoreCase(attr.getID())){
          for (
                  NamingEnumeration e = attr.getAll();
                  e.hasMore();                    
                  System.out.println(new String((byte[])e.next()))
               );
      }else{
      for (
              NamingEnumeration e = attr.getAll();
              e.hasMore();
              System.out.println(e.next())
          );
      }
      }
     } catch (NamingException e) {
     e.printStackTrace();
     }
     }
     }

     }

输出：

{SSHA}SKA8QY7BBX0tgdZlzL+3sEDFnIBsJwd8VHjexw==：userPassword

uid : hwilliams

序列号: Williams

来源:雨果·威廉姆斯

Answer 1

它没有加密它。它正在安全地对其进行散列。你不能解密或解码它。