From owner-freebsd-questions Tue Apr 14 11:37:57 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA08070 for freebsd-questions-outgoing; Tue, 14 Apr 1998 11:37:57 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from alcatel.fr (ns.celwave.tm.fr [194.133.58.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA07894 for ; Tue, 14 Apr 1998 18:37:28 GMT (envelope-from THIERRY.HERBELOT@telspace.alcatel.fr) From: THIERRY.HERBELOT@telspace.alcatel.fr Received: from alcatel.fr (gatekeeper-ssn.alcatel.fr [155.132.180.244]) by mailgate.alcatel.fr (ALCANET/SMTP.9.9.9) with ESMTP id SAA05110; Tue, 14 Apr 1998 18:45:09 +0200 Received: from lune.telspace.alcatel.fr (lune.telspace.alcatel.fr [155.132.144.65]) by aifhs2.alcatel.fr (ALCANET/SMTP2) with ESMTP id RAA07318; Tue, 14 Apr 1998 17:33:17 +0200 (MET DST) Received: from telss1 (telss1.telspace.alcatel.fr [155.132.51.4]) by lune.telspace.alcatel.fr (8.7.6/8.7.3) with SMTP id RAA04237; Tue, 14 Apr 1998 17:32:40 +0200 (MET DST) Received: from eole.telspace.alcatel.fr by telss1 (4.1/SMI-4.1) id AA00539; Tue, 14 Apr 98 17:22:54 +0200 Received: from localhost by eole.telspace.alcatel.fr with SMTP (1.40.112.12/16.2) id AA094247158; Tue, 14 Apr 1998 17:19:18 +0200 X-Openmail-Hops: 1 Date: Tue, 14 Apr 98 17:19:10 +0200 Message-Id: In-Reply-To: <3.0.32.19980409020411.00ecf9a8@peace.com.my> Subject: =?ISO-8859-1?Q?R=E9p_:_Crack=5Fon=5FFBSD?= Mime-Version: 1.0 To: panda@peace.com.my Cc: freebsd-questions@FreeBSD.ORG Content-Type: text/plain; charset=ISO-8859-1; name="Crack_on_FBSD" Content-Disposition: inline; filename="Crack_on_FBSD" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id SAA07952 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello There are two problems : 1/ running the Crack program on a given Machine/OS combination (which the Crack manual deals with - or you could get by with the port ....) 2/ having Crack "crack-ing" your password database : if the passwords are encrypted via the MD5 method, there is no way Crack could discover them (it can only find password encrypted via DES) Hope this helps TfH ____________________________ Séparateur Réponse ________________________________ Objet : Crack_on_FBSD Auteur : panda@peace.com.my Date : 08/04/98 19:41 Thank you for the explanation, Thierry, though I'm still rather confused. I had already checked the archives and found the MD5/DES posts but thought that they dealt with a different problem since the Crack manual mentioned configuration for FreeBSD. Strange to have a port of Crack available at all then, no ? And strange that it still managed to come up with 2 of the passwds. Cheers, chas > You could check it on the mailing llist archive : passwords beginning > with $1$ are crypted with the MD5 library. Crack tries to discover > passwords crypted with the (standard) DES library : it's completely > normal that you can't find back HELLO. > > AFAIK, there is no method to automatically convert your password > database from MD5 crypting to DES crypting (you would need a tool to > automatically discover the source passwords "in the clear" first, and > all crypting methods try hard making such tolls impossible to have - > except if your name is NSA) > > good luck > > TfH > > > > >____________________________ Séparateur Réponse ________________________________ >Objet : Crack on FBSD - how to make it more thorough ? >Auteur : panda@peace.com.my >Date : 08/04/98 17:28 > > >I installed Crack-5.0 using the package (not the port) and >it seems to function, but I'm not sure it's working properly. >I changed the shadmrg script to merge the /etc/passwd and >/etc/master.passwd and ran Crack on the output. > >Crack was finished in less than 10 seconds. >OK, so I only have 100 users on this system but I thought >that this would be still quite an intensive task to run. > >Before this, I'd added a 'dummy' userid with passwd "HELLO" >so that I could check that crack was actually doing >something but strangely, Crack didn't find that (and >I wouldn't have thought "HELLO" was a particularly >intelligent passwd). Fortunately, Crack did discover >2 users with ridiculously easy passwds (since corrected). >so I knew it was doing something. > >Looking at conf/dictrun.conf, I see that nearly all the >rules were employed. Should it really have run so fast ? > >the Reporter also showed the following errors for all user : > >E:0:bad format: output.txt: username:$1$NTG2CU1tFICN2VX20:1029:1006:U >ser &:/home/username:/bin/sh > >I was running Crack on a file output.txt, which was the output >of running scripts/shadmrg.fbsd, based on the supplied shadmrg.sv : > >SHADOW=/etc/master.passwd >PASSWD=/etc/passwd > >( > sed -e 's/^/STAG:/' < $SHADOW > sed -e 's/^/PTAG:/' < $PASSWD >) | >awk -F: ' >BEGIN { > OFS=":"; >$1 == "STAG" { > pw[$2] = $3; > next; >} >$1 == "PTAG"{ > $3 = pw[$2]; > print $0; > >}' | > >I'm afraid I'm not an awk guy so if I just swapped the variable >names at the top. > >Anyway, if there are any other changes that need to be done >to get crack to work perform a more thorough check on FBSD ? > >chas > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message