From owner-freebsd-questions  Wed Nov 11 17:57:26 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA05714
          for freebsd-questions-outgoing; Wed, 11 Nov 1998 17:57:26 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from firewall.scitec.com.au (fgate.scitec.com.au [203.17.180.68])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA05706
          for <freebsd-questions@FreeBSD.ORG>; Wed, 11 Nov 1998 17:57:22 -0800 (PST)
          (envelope-from john.saunders@scitec.com.au)
Received: by firewall.scitec.com.au; id MAA17015; Thu, 12 Nov 1998 12:57:04 +1100 (EST)
Received: from mailhub.scitec.com.au(203.17.180.131) by fgate.scitec.com.au via smap (3.2)
	id xma017007; Thu, 12 Nov 98 12:56:41 +1100
Received: from saruman (saruman.scitec.com.au [203.17.182.108]) by mailhub.scitec.com.au (8.6.12/8.6.9) with SMTP id MAA27324; Thu, 12 Nov 1998 12:56:36 +1100
From: "John Saunders" <john.saunders@scitec.com.au>
To: "Matthew R. Heusser" <matt@pcr7.pcr.com>, <freebsd-questions@FreeBSD.ORG>
Subject: RE: Help! Password Compares in FreeBSD
Date: Thu, 12 Nov 1998 12:56:36 +1100
Message-ID: <006801be0ddf$ae26d080$6cb611cb@saruman.scitec.com.au>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0
X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4
Importance: Normal
In-Reply-To: <004601be0db8$e47578c0$47eb1bcc@XSTA71.pcr.com>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> Right now, I have a HTML page running on a FreeBSD
> server.  The HTML page accepts a username and password,
> and then calls a perl (CGI) process.  The perl process finds
> the /etc/passwd file and parses it, searching for the username.
> When it finds the username, it grabs the encrypted password.

Do you realise that /etc/passwd doesn't actually contains
the encrypted passwords? On most Unix boxes that have a
shadow password facility the encrypted passwords are hidden
(/etc/master.passwd) unless you are root. The easiest way is
to use suidperl and to make your script suid root. Then use...

	($login, $pass) = getpwnam($user);

...to locate the encrypted password.

> $stringCipher = crypt($stringGuess, $stringTemp) 
>   (Where $temp is the first two characters of the encrypted password)(*)

Change this to...

	$stringCipher = crypt($stringGuess, $stringCryptedPassword) 

If Perl calls the system crypt() function it will handle
the MD5/DES difference automagically. By passing the full
encrypted password instead of just 2 characters the crypt
function can check for $1$ itself and encrypt the guessed
password using MD5 instead of DES.

Cheers.
--   .   +-------------------------------------------------------+
 ,--_|\  | John Saunders    mailto:John.Saunders@scitec.com.au   |
/  Oz  \ | SCITEC LIMITED   Phone +61294289563  Fax +61294289933 |
\_,--\_/ | "By the time you make ends meet, they move the ends." |
      v  +-------------------------------------------------------+


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message