On Sun, Aug 20, 2006 at 02:39:34PM -0300, Marcos de Souza Trazzini wrote:
> My question is very _SIMPLE_ :

> There's a form to decrypt the passwords stored in /etc/shadow file?

        Simple answer...

        No, of course not.  If there were, that would be a bug.

        Longer answer...

        What is in the shadow file is NOT encrypted passwords.  They are
password hashes.  The hashes can not be reversed.  That's the whole idea.
You take a seed (a somewhat random 128 bit number for md5 hashes) and the
password and generate a hash (md5 for example) of the value.  The hash and
the seed get stored in the shadow file.  If you want to validate the password,
you take the seed from the shadow file and combine it with the putative
password and take the hash of that.  If it matches the hash in the shadow
file, the password must have matched the original password and it passes.
If the hashes don't match, then the passwords didn't match and it fails.
You NEVER have to reverse the hash and recover the plaintext password
from the hash.  The seed is there to ensure that if two instances
(accounts) use the same password, they DON'T get the same hash (because
the seeds are different) making brute force guessing and precomputed
dictionary hash attacks nigh unto impossible.

        Best you can do is brute force guessing different passwords.
John the Ripper or Crack do a pretty fair job against lame passwords.
Against good passwords, you don't stand much of a chance.  Unfortunately,
few people use good passwords...  :-(


        Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  [EMAIL PROTECTED]
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
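The salt-and-hash check Mike describes, as an added worked example (not part of his message or the redhat-list thread): a pure-Python reimplementation of the `$1$` md5crypt scheme used in shadow files of that era, plus a `check_password()` that validates a candidate against one shadow line by recomputing the hash with the stored salt and comparing, never reversing anything. The user names, salts and passwords are constructed sample values.

```python
import hashlib
import secrets

# crypt(3)'s base64 alphabet (not the RFC 4648 one)
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def _to64(v, n):
    out = ""
    for _ in range(n):            # emit n chars, 6 bits each, low bits first
        out += ITOA64[v & 0x3F]
        v >>= 6
    return out

def md5crypt(password, salt):
    """Return the shadow field '$1$<salt>$<22 chars>' for password and salt."""
    pw, slt = password.encode(), salt.encode()
    ctx = hashlib.md5(pw + b"$1$" + slt)
    alt = hashlib.md5(pw + slt + pw).digest()
    for left in range(len(pw), 0, -16):      # mix in len(pw) bytes of alt
        ctx.update(alt[:min(16, left)])
    i = len(pw)
    while i:                                 # odd bit: zero byte, even: pw[0]
        ctx.update(b"\0" if i & 1 else pw[:1])
        i >>= 1
    final = ctx.digest()
    for i in range(1000):                    # 1000 stretching rounds
        c = hashlib.md5()
        c.update(pw if i & 1 else final)
        if i % 3:
            c.update(slt)
        if i % 7:
            c.update(pw)
        c.update(final if i & 1 else pw)
        final = c.digest()
    out = ""
    for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        out += _to64((final[a] << 16) | (final[b] << 8) | final[c], 4)
    out += _to64(final[11], 2)
    return f"$1${salt}${out}"

def new_salt(n=8):
    """Fresh random salt, so two accounts with one password get two hashes."""
    return "".join(secrets.choice(ITOA64) for _ in range(n))

def check_password(shadow_line, candidate):
    """Validate candidate against one /etc/shadow line: rehash with the stored
    salt and compare; the stored hash is never 'decrypted'."""
    _user, field = shadow_line.split(":")[:2]
    _, scheme, salt, _digest = field.split("$")
    if scheme != "1":
        raise ValueError("only the $1$ (md5crypt) scheme is implemented here")
    return secrets.compare_digest(md5crypt(candidate, salt), field)
```

Running `check_password("bob:" + md5crypt("secret", new_salt()) + ":19000:0:99999:7:::", "secret")` returns True, while the same password hashed under two different salts yields two different fields.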
