Re: forgot password in Kmail

[John Gay <johngay@eircom.net>]

On Thu 11 Dec 2003 12:28, Mauro Darida wrote:
> On Sun, 07 Dec 2003 at 11:20:59 +0000, Syd Alsobrook wrote:
> > On Friday 05 December 2003 05:45, Patrick Dreker wrote:
> > > Am Freitag, 05. Dezember 2003 10:50 schrieb Mauro Darida 
<MauroDarida@ifi>:
> > > > How to retrieve the password which kmail holds obfuscated in .kmailrc
> > > > ? I use kde 3.1.2 on woody.
> > >
> > > Simply use ethereal or tcpdump to sniff your own password from the
> > > network. Don't forget to diable SSL/TLS before sniffing, otherwise
> > > there won't be much to see...
> >
> > ethereal and tcpdump might be a little over kill. There is a utility that
> > I really like called dsniff. It is a very cool app.
>
> dsniff is not in woody, which I use. I tried tcpdump during connection:
> #tcpdump -w istrpwd
> #strings istrpwd
> but it showed nothing similar to a password of mine.
> I can't believe the only way is a C compilation as previously suggested,
> which is a bit beyond my experience (ok, I did compile kernels, but with
> make-kpkg is a different story).
> Saluti, Mauro.

Well, I had this very same problem a while ago. The C program I sent worked 
for me and it's not that difficult, so I'll spell it out for you so you can 
get your mail back. Of course this is dependant on the version of kmail. I 
just tested with kmail-1.5 using KDE-3.1.0 and the encoding seems to be 
different. Not sure which version did work, except is was a standard Debian 
version at the time. So YMMV:

Create a file, call it crackpass.c or what ever you want, with the following 
code inside: (Don't include the snip or snap lines)
-------- snip --------
#include <stdio.h>

int main()
{
  char buf[100];
  int len, i;

  while (fgets (buf, sizeof(buf), stdin))
  {
    len = strlen (buf) - 1;
    for (i = 0; i < len; i++)
      putchar (287 - buf[i]);
    puts("");
  }
}
------- snap --------

To compile, enter:

gcc -o crackpass crackpass.c

This tells gcc to compile the source file crackpass.c and name the executable 
crackpass. You can use different names if you wish.

To run the program, enter:

./crackpass

and the program will wait for input. Open your .kmailrc file in another shell 
window using:

less .kde/share/config/kmailrc

You will probably need to streach out the window to prevent wrapping. The info 
you want is on the line:

pass=<BUNCH_OF_FUNNY_CHARACTERS>

use your mouse to highlight the funny characters, then paste them into the 
shell running crackpass with your middle button. If you are running the right 
version of kmail, when you press enter, you will see your password decrypted. 
If not, you might want to play around with the value in the source code for 
putchar(287 = buf[i]); to see if you can figure it out.

I'm not sure, but my kmailrc file seems to be completely different. If this 
doesn't work, I'd suggest asking on a KDE mailing list, and be sure to 
include the exact version of kmail and KDE so they can tell you which 
encoding is used.

Hope this helps in some way.

Cheers,

	John Gay
> --
> On this laptop no Windows system survives and LINUX POWER reigns UNLIMITED.
> GnuPG key ID: 28A61681