Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 8 Apr 1998 23:28:39 +0800 (SGT)
From:      chas <panda@peace.com.my>
To:        questions@FreeBSD.ORG
Subject:   Crack on FBSD - how to make it more thorough ? 
Message-ID:  <3.0.32.19980408235052.0117f9e8@peace.com.my>
next in thread | raw e-mail | index | archive | help 
I installed Crack-5.0 using the package (not the port) and
it seems to function, but I'm not sure it's working properly.
I changed the shadmrg script to merge the /etc/passwd and 
/etc/master.passwd and ran Crack on the output. 

Crack was finished in less than 10 seconds.
OK, so I only have 100 users on this system but I thought
that this would be still quite an intensive task to run.

Before this, I'd added a 'dummy' userid with passwd "HELLO"
so that I could check that crack was actually doing 
something but strangely, Crack didn't find that (and
I wouldn't have thought "HELLO" was a particularly
intelligent passwd). Fortunately, Crack did discover 
2 users with ridiculously easy passwds (since corrected).
so I knew it was doing something.

Looking at conf/dictrun.conf, I see that nearly all the 
rules were employed. Should it really have run so fast ?

the Reporter also showed the following errors for all user :

E:0:bad format: output.txt: username:$1$NTG2CU1tFICN2VX20:1029:1006:U
ser &:/home/username:/bin/sh 

I was running Crack on a file output.txt, which was the output
of running scripts/shadmrg.fbsd, based on the supplied shadmrg.sv :

SHADOW=/etc/master.passwd
PASSWD=/etc/passwd

(
        sed -e 's/^/STAG:/' < $SHADOW
        sed -e 's/^/PTAG:/' < $PASSWD
) |
awk -F: '
BEGIN {
        OFS=":";
$1 == "STAG" {
        pw[$2] = $3;
        next;
}
$1 == "PTAG"{
        $3 = pw[$2];
        print $0;

}' | 

I'm afraid I'm not an awk guy so if I just swapped the variable
names at the top.

Anyway, if there are any other changes that need to be done
to get crack to work perform a more thorough check on FBSD ?

chas


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19980408235052.0117f9e8>