Oliver Schoenknecht <[EMAIL PROTECTED]> writes: > Hello everyone, > > first of all I need to tell you that I have some kind of bet running - > a friend of mine has put up a SuSE 6.3 linux-proxy and mail server and > claims it to be safe although you can reach it via telnet and ftp from > outside... Recently he dared me to try to crack his password file so > that he may think about new ways of protecting his system... After > some search I got his password file which you see below ... I for > myself can make out the different users but the passwords are > encrypted.... does anyone of you know how to decrypt those strange > letters into clear text ? Your help is appreciated very well as I am > about to win some gallons of beer if I succeed ;-) ! > > > root:nfDtfW1jlCDo.:0:0:Der Systemverwalter:/root:/bin/bash > bin:*:1:1:bin:/bin: daemon:*:2:2:daemon:/sbin: > adm:*:3:4:adm:/var/adm: lp:*:4:7:lp:/var/spool/lpd: > sync:*:5:0:sync:/sbin:/bin/sync > shutdown:*:6:0:shutdown:/sbin:/sbin/shutdown halt:*:7:0:halt:/sbin:/sbin/halt > mail:*:8:12:mail:/var/spool/mail: > news:*:9:13:news:/var/spool/news: uucp:*:10:0:uucp:/var/spool/uucp: > operator:*:11:0:operator:/root: > games:*:12:100:games:/usr/games: gopher:*:13:30:gopher:/usr/lib/gopher-data: > ftp:*:14:50:FTP User:/home/ftp: > nwserv:*:98:98:Novell-Server-Administrator:/home/nwserv: > nobody:*:99:99:Nobody:/home/ftp: > users:*:100:100:Users:/: xmail:*:101:101:Automatischer Mail-Austausch:/: > ips:OYpr4MrkKRtfg:102:0:Das > IPS-Wartungsteam:/home/ips:/bin/bash gast:nNeuxHMzMuJ9s:400:400:Generic STZ > User:/home/gast:/usr/local/bin/menue > client01:T3S4y0uqUDiOc:401:400:Gast-Benutzer
If the file you got is /etc/passwd, tell your friend to use shadow passwords to begin with. If he already is, tell him he has a problem with permissions on /etc/shadow. I have -rw-r--r-- 1 root root 1583 Jul 16 17:28 /etc/passwd -rw-r----- 1 root shadow 992 Jul 16 17:28 /etc/shadow which requires root access or shadow group membership to just see the encrypted passwords. Next, if you want to try crack the passwords you got, there are a few programs that will do that for you. See the Security HOWTO chapter 6 for details on password encryption and cracking. -- Olaf Meeuwissen Epson Kowa Corporation, Research and Development
