Re: Passwd encrytion

To: vineet punetha <vineet@trishul.kec.ernet.in>
Cc: debian-devel@lists.debian.org
Subject: Re: Passwd encrytion
From: Brandon Mitchell <bmitch@atdot.org>
Date: Fri, 19 Mar 1999 16:33:19 -0500 (EST)
Message-id: <[🔎] Pine.LNX.3.96.990319162959.32441A-100000@wm7-214.resnet.wm.edu>
Reply-to: Brandon Mitchell <bmitch@atdot.org>
In-reply-to: <[🔎] Pine.LNX.4.04.9903200036360.18844-100000@trishul.kec.ernet.in>

On Sat, 20 Mar 1999, vineet punetha wrote:

> hi all,
>       how can one decrypt /etc/passwd file and crack into the system.
>   How do you go about decrypting the codings since these being time
> dependent.

It would be crazy to try to decrypt the passwords when it's so easy to
exploit simple buffer overflows like the following one:

echo "I jnag gb penpx ebbg.  Pyrnfr erzbir zl nppbhag." | tr n-za-m a-z |
mailx root

Put it all on one line and the mailx program should overflow and give you
a root shell.  Now let's kill this thread and get back to real work on
this list.

Enjoy,
Brandon

+---                                                                     ---+
| Brandon Mitchell  bmitch@atdot.org  http://bmitch.dhis.org/  ICQ 30631197 |
| Throughout history, UNIX systems have regularly been broken into, beaten, |
| brutalized, corrupted, commandeered, compromised, and illegally fscked.   |
|                                    -- UNIX System Administration Handbook |

Reply to:

Follow-Ups:
- Re: Passwd encrytion
  - From: Wichert Akkerman <wichert@cs.leidenuniv.nl>

References:
- Passwd encrytion
  - From: vineet punetha <vineet@trishul.kec.ernet.in>

Prev by Date: Re: We can halve volume by not allowing nondevelopers to post
Next by Date: Re: We can halve volume by not allowing nondevelopers to post
Previous by thread: Re: Passwd encrytion
Next by thread: Re: Passwd encrytion
Index(es):
- Date
- Thread