Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 9 Apr 1998 01:41:58 +0800 (SGT)
From:      chas <panda@peace.com.my>
To:        THIERRY.HERBELOT@telspace.alcatel.fr
Cc:        questions@FreeBSD.ORG
Subject:   Crack_on_FBSD
Message-ID:  <3.0.32.19980409020411.00ecf9a8@peace.com.my>

next in thread | raw e-mail | index | archive | help
Thank you for the explanation, Thierry, though I'm still
rather confused.  

I had already checked the archives and found the MD5/DES posts
but thought that they dealt with a different problem since the
Crack manual mentioned configuration for FreeBSD. 
Strange to have a port of Crack available at all then, no ?
And strange that it still managed to come up with 2 of the passwds.

Cheers,

chas


>     You could check it on the mailing llist archive : passwords beginning 
>     with $1$ are crypted with the MD5 library. Crack tries to discover 
>     passwords crypted with the (standard) DES library : it's completely 
>     normal that you can't find back HELLO.
>     
>     AFAIK, there is no method to automatically convert your password 
>     database from MD5 crypting to DES crypting (you would need a tool to 
>     automatically discover the source passwords "in the clear" first, and 
>     all crypting methods try hard making such tolls impossible to have - 
>     except if your name is NSA)
>     
>        good luck
>     
>        TfH
>     
>     
>
>
>____________________________ Séparateur Réponse
________________________________
>Objet : Crack on FBSD - how to make it more thorough ?
>Auteur :  panda@peace.com.my
>Date :    08/04/98 17:28
>
>
>I installed Crack-5.0 using the package (not the port) and
>it seems to function, but I'm not sure it's working properly. 
>I changed the shadmrg script to merge the /etc/passwd and 
>/etc/master.passwd and ran Crack on the output. 
>     
>Crack was finished in less than 10 seconds.
>OK, so I only have 100 users on this system but I thought 
>that this would be still quite an intensive task to run.
>     
>Before this, I'd added a 'dummy' userid with passwd "HELLO" 
>so that I could check that crack was actually doing 
>something but strangely, Crack didn't find that (and
>I wouldn't have thought "HELLO" was a particularly 
>intelligent passwd). Fortunately, Crack did discover 
>2 users with ridiculously easy passwds (since corrected). 
>so I knew it was doing something.
>     
>Looking at conf/dictrun.conf, I see that nearly all the 
>rules were employed. Should it really have run so fast ?
>     
>the Reporter also showed the following errors for all user :
>     
>E:0:bad format: output.txt: username:$1$NTG2CU1tFICN2VX20:1029:1006:U 
>ser &:/home/username:/bin/sh 
>     
>I was running Crack on a file output.txt, which was the output
>of running scripts/shadmrg.fbsd, based on the supplied shadmrg.sv :
>     
>SHADOW=/etc/master.passwd
>PASSWD=/etc/passwd
>     
>(
>        sed -e 's/^/STAG:/' < $SHADOW
>        sed -e 's/^/PTAG:/' < $PASSWD
>) |
>awk -F: '
>BEGIN {
>        OFS=":";
>$1 == "STAG" {
>        pw[$2] = $3;
>        next;
>}
>$1 == "PTAG"{
>        $3 = pw[$2];
>        print $0;
>     
>}' | 
>     
>I'm afraid I'm not an awk guy so if I just swapped the variable 
>names at the top.
>     
>Anyway, if there are any other changes that need to be done 
>to get crack to work perform a more thorough check on FBSD ?
>     
>chas
>     
>     
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.32.19980409020411.00ecf9a8>