Date: Fri, 28 May 1999 20:51:05 -0300 (ADT) From: Michael Richards <026809r@dragon.acadiau.ca> To: Dima <dima@nic.mmc.net.ge> Cc: security@FreeBSD.ORG Subject: Re: System beeing cracked! Message-ID: <Pine.GSO.4.05.9905282044021.14284-100000@dragon> In-Reply-To: <199905280927.OAA08009@nic.mmc.net.ge>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 28 May 1999, Dima wrote: > can hack into my system. He has ordinary account opened. So, he win! And > i'am wondering if there are any security holes in 3.1? He login as > himself via telnet, then he made him root (but he was not in wheel group > and ofcourse did not know root password) and what is more interesting he Finding an exploitable suid program would allow this to happen. > cracked several password. He made all this in 2 houres, and password was > minimal 10 symbols lenght, containg different case and digits. I am > using MD5 codding, and as I knew it is impossible. Has someone any idea I would do 2 things: a) take your master.passwd file and run crack on it yourself and see if it finds the passwords itself. I played with crack once a long time ago and based on what you've said about the cracked password, I belive it is more likely that he a) broke root b) sniffed the passwords or maybe he shoulder surfed the passwords... I don't believe that md5 can be cracked that quickly. I guess it depends on the randomness of the password. "thisissEcur3" might take a week, but crack will still get it. I think one of the first rules is to replace [il]=1 e=3 s=5 a=4 and all the other commonly substituted letters. -Michael To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.05.9905282044021.14284-100000>