Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 07 Jul 1999 19:41:08 +0800
From:      Peter Wemm <peter@netplex.com.au>
To:        Kris Kennaway <kkennawa@physics.adelaide.edu.au>
Cc:        security@freebsd.org
Subject:   Re: Improved libcrypt ready for testing 
Message-ID:  <19990707114108.58E8E78@overcee.netplex.com.au>
In-Reply-To: Your message of "Wed, 07 Jul 1999 09:08:32 %2B0930." <Pine.OSF.4.10.9907070905210.30995-100000@bragg> 

next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote:
> On Wed, 7 Jul 1999, Peter Wemm wrote:
> 
> > Say... you wouldn't like to impliment an NT-style password hash, would you?
> > *NOT* the LAN-Manager (LAN-damager?) hash with the 2 chunks of 7 characters
> > weak method that gets decoded in what seems like seconds according to
> > bugtraq.  The NT hash is 128 character etc.  It's also unicode and not case
> > sensitive, but that shouldn't be a problem to implement.
> 
> This is worth looking at. Do the password hashes have any distinguishing
> characteristics other than being 128 characters long? I'm wondering how
> they'd be distinguished in the password file, unless we add a $NT$ prefix.
> 
> Kris

Looking at /usr/local/private/smbpasswd, samba's NT-style shadow
password file:

logname:2004:260AAF5FD661391EAAD3B345B51404EE:E9402F112D1BEC4978F943B55C11EB46:
Gecos Username:/home/logname:/usr/local/bin/tcsh

So, I guess this would do:
$NT$260AAF5FD661391EAAD3B345B51404EE$E9402F112D1BEC4978F943B55C11EB46

(This is a real line with the names and hash sufficiently corrupted so
nobody gets ideas about trying to crack it. :-)

Also, we really do need some way to implement plugins that works on both
static and dynamic binaries.  I would suggest that for dynamic binaries,
libcrypt would be compiled  (ie: #ifdef PIC) to dlopen() the .so files
based on a config file.  For static libcrypt, it would have to fork and pipe
the string to a static helper binary that returns the hash from the string.
That way /sbin/init will be able to verify any method for root password when
in non-secure console mode.

I would suggest a /etc/crypt.conf or something that contains the prefix
and both a static and dynamic plugin.

ie:
NT	/usr/lib/pwhash_nt.so		/sbin/_pwhash_nt
1	/usr/lib/pwhash_md5.so		/sbin/_pwhash_md5
2	/usr/lib/pwhash_bfish.so	/sbin/_pwhash_bfish
default	/usr/lib/pwhash_des.so		/sbin/_pwhash_des

Cheers,
-Peter
--
Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990707114108.58E8E78>