Date: Tue, 20 Feb 1996 16:35:28 -0700 From: nate@sri.MT.net (Nate Williams) To: questions@freebsd.org Subject: Re: Q: exportable DES library ... Message-ID: <199602202335.QAA12323@rocky.sri.MT.net>
next in thread | raw e-mail | index | archive | help
[ Removed -stable from the list ] > > The default password "encryption" with 1.x > > was a simple scrambler and about as difficult to break as a Captain > > Midnight decoder ring, fresh from a box of cereal. > > Cute - yet more motivation to solve this.. :/ Well, it wasn't *quite* that bad. :) > > That might actually work to your advantage, however. Nate - what was > > the algorithm you used? I don't have any 1.x sources around to check. > > From the 1.1 srcdist I've got, it appears that 1.1 libcrypt sources > call MD5 routines, yet there are references to the need for DES > routines in the libc crypt.. Confusion reigns, could someone help me > identify the actual default/original passwd encryption routines used > by 1.1.5.1-RELEASE, with what src distrib they're in, etc? The default crypt exists in /usr/src/lib/libc/*/crypt.c, which I'm pretty sure has the DES comments in it, but it has been awhile. > > It may well be that you can write a perl script to descramble the > > puppies and then re-DES or MD5 encrypt them. Unfortunately, it's not that easy. The scrambler routine was stolen from a Minix posting from the mid 80's which was written because the default Minix password encrypter which could be reversed. Now, the scrambler routine might be reversable, but I don't know of any script to do that. When we first installed it it was pretty easy to 'reverse' the default encryption since the default was plain-text passwords, but moving from the scrambler to MD5 or DES might be difficult. Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602202335.QAA12323>