Re: Password decrypting ? Sendmail problems ?
Oliver Schoenknecht <oschoenknecht@kapa.de> writes:
> Hello everyone,
>
> first of all I need to tell you that I have some kind of bet running -
> a friend of mine has put up a SuSE 6.3 linux-proxy and mail server and
> claims it to be safe although you can reach it via telnet and ftp from
> outside... Recently he dared me to try to crack his password file so
> that he may think about new ways of protecting his system... After
> some search I got his password file which you see below ... I for
> myself can make out the different users but the passwords are
> encrypted.... does anyone of you know how to decrypt those strange
> letters into clear text ? Your help is appreciated very well as I am
> about to win some gallons of beer if I succeed ;-) !
>
>
> root:nfDtfW1jlCDo.:0:0:Der Systemverwalter:/root:/bin/bash bin:*:1:1:bin:/bin: daemon:*:2:2:daemon:/sbin:
> adm:*:3:4:adm:/var/adm: lp:*:4:7:lp:/var/spool/lpd: sync:*:5:0:sync:/sbin:/bin/sync
> shutdown:*:6:0:shutdown:/sbin:/sbin/shutdown halt:*:7:0:halt:/sbin:/sbin/halt mail:*:8:12:mail:/var/spool/mail:
> news:*:9:13:news:/var/spool/news: uucp:*:10:0:uucp:/var/spool/uucp: operator:*:11:0:operator:/root:
> games:*:12:100:games:/usr/games: gopher:*:13:30:gopher:/usr/lib/gopher-data: ftp:*:14:50:FTP User:/home/ftp:
> nwserv:*:98:98:Novell-Server-Administrator:/home/nwserv: nobody:*:99:99:Nobody:/home/ftp:
> users:*:100:100:Users:/: xmail:*:101:101:Automatischer Mail-Austausch:/: ips:OYpr4MrkKRtfg:102:0:Das
> IPS-Wartungsteam:/home/ips:/bin/bash gast:nNeuxHMzMuJ9s:400:400:Generic STZ
> User:/home/gast:/usr/local/bin/menue client01:T3S4y0uqUDiOc:401:400:Gast-Benutzer
If the file you got is /etc/passwd, tell your friend to use shadow
passwords to begin with. If he already is, tell him he has a problem
with permissions on /etc/shadow. I have
-rw-r--r-- 1 root root 1583 Jul 16 17:28 /etc/passwd
-rw-r----- 1 root shadow 992 Jul 16 17:28 /etc/shadow
which requires root access or shadow group membership to just see the
encrypted passwords.
Next, if you want to try crack the passwords you got, there are a few
programs that will do that for you. See the Security HOWTO chapter 6
for details on password encryption and cracking.
--
Olaf Meeuwissen Epson Kowa Corporation, Research and Development
Reply to: