[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Isn't it a security hole...

>>Perhaps a bit, but not too much. The passwords in /etc/passwd are encrypted
>>through one-way DES encryption.  It's much easier to simply guess users'
>>passwords, the majority of which are first-names or first-names followed
>>by a number.
>>
>        Actually, cracking a unix passwd file is quite easy, even for those
>with minimal computer knowledge.  With widely available programs like Crack
>(UNIX), Crakerjack (DOS), and root_crack(DOS) anybody with a CPU >386 can
>crack the DES encryption with a bit of time.

My understanding of this situation (and please correct me if I'm wrong) is
that the crypt() routine used by passwd is a truly one-way hashing algorithm,
i.e. there simply is no way to go from an encrypted password back to the
original.  Actually, I seem to remember reading that the crypt routine uses
the password in combination with a "random" (based on time of day) string of
bits (called the "salt", can't remember the length, I think it was 12 bits, 
giving 4096 possible encryptions of any given string), and that it uses this
new salt+password as its key in encrypting a string of 0's. Given this, the 
only way to crack the passwords is to compile a dictionary of possible 
passwords, by taking all the likely strings to be used as passwords and 
encrypting each one 4096 times, once for each salt.  Once you have this 
dictionary made, it can be distributed to anyone to use as the foundation of
their crack attack, but if you wish to hack someone personally, i.e. by 
checking their first name, etc., you'll have to add these to the dictionary
(unless common names are also part of the original dictionary). And it should
be plain how anyone with reasonable password-selection skills can be pretty
much immune to this attack, e.g. by using non-word strings, by having 
punctuation, by varying the case of your characters, etc.  If the max passwd
length is 8 bytes, then at a quick estimate it seems that there are 
256^8 * 4096 different possible passwords...?

I think this is a fascinating subject, I hope I haven't gotten it too wrong.
Please reply with corrections.

Thanks,
Steve
Reply to: