[ILUG] password & shadow
Colm MacCarthaigh
colmmacc at redbrick.dcu.ie
Sat Nov 17 14:56:34 GMT 2001
On Fri, Nov 16, 2001 at 10:28:16PM -0800, saeed babadi nia wrote:
>
> Hi all
>
> I want to know how someone can find the password
> with having password and shadow files ?
assuming you are reffering to /etc/passwd and /etc/shadow
and the system is configured (as is the default configuration)
to use /etc/shadow for authentication there are several methods.
/etc/shadow typically stores passwords as the result of a one way hash
function , usually DES or MD5, it's pretty much impossible to take a hash
and find out what the corresponding password is. You can however try a
dictionary attack, whereby you hash the entire contents of a sophisticated
dictionary, reversing each word, replacing certain letters with numbers,
adding numbers, trying certain capitalisations .. etc. In in a large
shadow file it is common to get quiet a few weak passwords this way.
There are numerous utilites available to help with this task.
In a small shadow file, with sensible passphrase choices you havnt a
hope.
--
------------------------------------------------------------
colmmacc at redbrick.dcu.ie
More information about the ILUG
mailing list