Chapter 2: Passwords
Cracking Unix passwords:
Contrary to popular belief, UNIX passwords cannot be decrypted. UNIX
passwords are encrypted with a one way function. The login program encrypts
the text you enter at the "Password:" prompt and compares that encrypted
string against the encrypted form of your password.
Password cracking software uses wordlists. Each word in the wordlist is
encrypted and the results are compared to the encrypted form of the target
password.
The best cracking program for UNIX passwords is currently Crack by Alec
Muffett. For PC-DOS, the best package to use is currently CrackerJack.
Password Shadowing:
Password shadowing is a security system where the encrypted password field
of /etc/passwd is replaced with a special token and the encrypted password
is stored in a separate file which is not readable by normal system users.
To defeat password shadowing on many (but not all) systems, write a program
that uses successive calls to getpwent() to obtain the password file.
Finding the shadowed password:
UNIX Path Token
-----------------------------------------------------------------
AIX 3 /etc/security/passwd !
/tcb/auth/files/[first letter #
of username]/[username]
A/UX 3.0s /tcb/files/auth/?/*
BSD4.3-Reno /etc/master.passwd *
ConvexOS 10 /etc/shadpw *
ConvexOS 11 /etc/shadow *
DG/UX /etc/tcb/aa/user/ *
EP/IX /etc/shadow x
HP-UX /.secure/etc/passwd *
IRIX 5 /etc/shadow x
Linux 1.1 /etc/shadow *
OSF/1 /etc/passwd[.dir|.pag] *
SCO UNIX #.2.x /tcb/auth/files/[first letter *
of username]/[username]
SunOS4.1+c2 /etc/security/passwd.adjunct ##username
SunOS 5.0 /etc/shadow
[optional NIS+ private secure maps/tables/whatever]
System V Release 4.0 /etc/shadow x
System V Release 4.2 /etc/security/* database
Ultrix 4 /etc/auth[.dir|.pag] *
UNICOS /etc/udb *
This page was created Wed Aug 11 23:16:52 EDT 1999
Using Linux
version 2.0.32
on an i586
Main Page @ Matarese.com
The Myth of the 2600Hz Detector @ Matarese.com
Acquiring Account Information @ Matarese.com
Act2! by Symantec @ Matarese.com
All hacks / Annoyance @ Matarese.com
Alt 2600 Group FAQ @ Matarese.com
Hacking Angelfire @ Matarese.com
Anonymous E-Mail @ Matarese.com
Anonymous FTP: Frequently Asked Questions (FAQ) @ Matarese.com
Maintaining Access - Implementing Backdoors @ Matarese.com
How to Receive Banned Newsgroups FAQ @ Matarese.com
Hacking BBS's @ Matarese.com
phreaking tutorial @ Matarese.com
The Bluebox @ Matarese.com
List of Common Bugs @ Matarese.com
Things that go Bump on the Internet @ Matarese.com
Hacking Calling Cards @ Matarese.com
Expanding the capacity of Caller ID Boxes @ Matarese.com
What is Caller-ID? @ Matarese.com
Hacking Call Back Verify @ Matarese.com
CULT OF THE DEAD COW @ Matarese.com
Cellular Roaming: The New Deals @ Matarese.com
CELLULAR TELEPHONE PHREAKING PHILE SERIES @ Matarese.com
The Matarese Circle @ Matarese.com
Cops and Robbers | UNIX Security @ Matarese.com
Credit Carding Part I @ Matarese.com
Exploits FAQ @ Matarese.com
Making Free Calls @ Matarese.com
FTP Bouncing @ Matarese.com
Hackers Encyclopedia @ Matarese.com
Hacking from Windows9x FTP @ Matarese.com
Hacking Tripod @ Matarese.com
Hacking Web Pages @ Matarese.com
How to crack a UNIX password file. @ Matarese.com
Hacking Servers : A Begginners Guide @ Matarese.com
Hacking Tutorial @ Matarese.com
Hacking UNIX @ Matarese.com
How to Hack the WWWboard Message Board 2.0 @ Matarese.com
Hackers Handbook @ Matarese.com
Guide to Harmless-Hacking @ Matarese.com
All about security holes @ Matarese.com
Hacking Hotmail @ Matarese.com
]How to Hack from from Harlequin and Archangel @ Matarese.com
Improve security by breaking into your site @ Matarese.com
Ch1can0 BEOWULF @ Matarese.com
Internet Security @ Matarese.com
IRC Hacking FAQ by Lord Somer @ Matarese.com
Lan Technology Scorecard @ Matarese.com
Harmless Hacking - Linux @ Matarese.com
INDEX @ Matarese.com
Mail Spoofing Explained @ Matarese.com
Microsoft IIS Vulnerability @ Matarese.com
Microsoft(Yuk) Index Server exposes IDs and Passwords @ Matarese.com
Intresting Microsoft Access 7.0 Trick @ Matarese.com
MS Money 2.0 Back Door @ Matarese.com
Mind Your Own Business (MYOB) @ Matarese.com
This Hack is for the OptiChat Original Chat Room @ Matarese.com
Internet Outdials @ Matarese.com
Introduction to the Internet Protocols @ Matarese.com
Analysis of QueSO Performance @ Matarese.com
Finger - ATTACKING FROM THE OUTSIDE @ Matarese.com
L0pht Security Advisory - Sendmail 8.7.5 @ Matarese.com
Sniffer FAQ V 1.7 @ Matarese.com
SSPING/JOLT patches @ Matarese.com
WORKING OUT-TELNETS @ Matarese.com
How do I post to a moderated newsgroup? @ Matarese.com
What You Should Know About Computer Viruses @ Matarese.com
How can I protect myself from viruses and such? @ Matarese.com
What is a trojan/worm/virus/logic bomb? @ Matarese.com
VMS Info (Password Cracking) @ Matarese.com
HACKING THE WAL-MART ARMORGUARD COMPUTER PROTECTION SYSTEM @ Matarese.com
Using web proxies to disguise your IP address @ Matarese.com
Dig up hidden CD Keys @ Matarese.com
X-Windows Security @ Matarese.com
Copyright (C) 1999 - Matarese.com