[EMAIL PROTECTED] <[EMAIL PROTECTED]>; Michael Beattie
<[EMAIL PROTECTED]>; Joey Hess <[EMAIL PROTECTED]>
Date: Wednesday, August 19, 1998 9:47 PM
Subject: Re: Linux and Security
>-BEGIN PGP SIGNED MESSAGE-
>
>On Wed, 19 Aug 1998, Joey Hess wrote:
>
>> Ge
-BEGIN PGP SIGNED MESSAGE-
On Wed, 19 Aug 1998, Joey Hess wrote:
> George Bonser wrote:
> > On Wed, 19 Aug 1998, Michael Beattie wrote:
> >
> > > Okay, true, but it was more of a feasability question, "if you can get the
> > > string, is it possible to use the following method to decrypt
On 19 Aug 1998, Manoj Srivastava wrote:
> Hi,
> >>"Michael" == Michael Beattie <[EMAIL PROTECTED]> writes:
>
> Michael> After thinking about the crypt function, salts, etc... would
> Michael> it not be possible to do this:
>
> Michael> 1) obtain the source for the crypt function.
> Michael>
Hi,
>>"Michael" == Michael Beattie <[EMAIL PROTECTED]> writes:
Michael> After thinking about the crypt function, salts, etc... would
Michael> it not be possible to do this:
Michael> 1) obtain the source for the crypt function.
Michael> 2) obtain by whatever method, the hashed/encrypted/whatev
George Bonser wrote:
> On Wed, 19 Aug 1998, Michael Beattie wrote:
>
> > Okay, true, but it was more of a feasability question, "if you can get the
> > string, is it possible to use the following method to decrypt it??"
>
> Sure ... the login program has to decrypt it, doesn't it? You can
> cut/p
On Tue, 18 Aug 1998, George Bonser wrote:
> On Wed, 19 Aug 1998, Michael Beattie wrote:
>
> > 2) obtain by whatever method, the hashed/encrypted/whatever password from
> > /etc/shadow.
> >
>
> Stop right there. Since /etc/shadow is readable only by root, if you can
> access the file, you must b
After thinking about the crypt function, salts, etc... would it not be
possible to do this:
1) obtain the source for the crypt function.
2) obtain by whatever method, the hashed/encrypted/whatever password from
/etc/shadow.
3) reverse the technique in the crypt function, then apply that to the
7 matches
Mail list logo
