Re: Convert md5 password from openBSD to debian md5 ?
On Sat, 2001-10-20 18:09:14 +0200, Norbert Bomba?a <nb@amnet.pl>
wrote in message <[🔎] Pine.LNX.4.21.0110201800160.7576-100000@zebra.amnet.pl>:
> Helo :-)
>
> How to convert password file form OPENBSD /etc/master.passwd MD5 to
> debian MD5 /etc/passwd file ???
> The coded strings aren't the same length a I think that they are coded not
> the same way.
> Where can I find convert script or how to do this ?
> I tried coded the same user and the same password in both systems and ...
> coded password are diffrent.
Try to add 2 new users at your linux box with exactly the same
password. See that the crypted (hashed) version is not the same.
Well, the problem is that 2 users might use the same password. If
I had stolen a /etc/passwd, I would instantly know that I've
cracked both users because I would see two identical crypted
values. So whenever you're to set a new password, the system
fetches some random data (the first characters of the crypted
value you find in /etc/passwd) and prepends it with your input.
This combined string gets actually hashed. In the hashed result
is also written to your /etc/passwd, it's the rest of the
crypted characters you find in the passwd field. So try to
simply copy one of your BSDish password hashes to a newly
created user's passwd field on your Linux box and try it. I
actually haven't done that before, but it *might* succeed...
MfG, JBG
--
Jan-Benedict Glaw . jbglaw@lug-owl.de . +49-172-7608481
Reply to: