On 19 Aug 1998, Manoj Srivastava wrote:

> Hi,
> >>"Michael" == Michael Beattie <[EMAIL PROTECTED]> writes:
>
> Michael> After thinking about the crypt function, salts, etc... would
> Michael> it not be possible to do this:
>
> Michael> 1) obtain the source for the crypt function.
> Michael> 2) obtain by whatever method, the hashed/encrypted/whatever
> Michael> password from /etc/shadow.
>
> That means you are root on the machine.

It was more of a "by whatever means possible" scenario.

> Michael> 3) reverse the technique in the crypt function, then apply
> Michael> that to the string obtained from /etc/shadow using salt #1
>
> Yup. You shall then have accomplished something that no one
> else has, so far. You probably shall then command large salaries as
> several corporations and government agencies vie for your talents ;-)

Great :) --> $$$$$$$$$$$$ <-----

> Michael> 4) repeat step 3 for each of the 4096 (??) salts.
>
> Why? You already know what the salt is, if you have read
> /etc/shadow. And if you can reverse crypt; you have the password.

Ooops.. forgot the salt is right under yer nose.

> Michael> would that leave you with 4096 possible passwords to try at
> Michael> login? maybe use a telnet script of some kind somehow?
>
> Does your telnet allow you to keep trying passwords ad
> infinitum? Does it not close connections after a fixed number of
> attempts?

um, reconnect maybe? yeah, I know, my box is set to 5 attempts.. or is it 3?
heh.. can't remember.

Michael Beattie ([EMAIL PROTECTED])

PGP Key available, reply with "pgpkey" as subject.
-----------------------------------------------------------------------------
WinErr: 003 Dynamic linking error - Your mistake is now in every file
-----------------------------------------------------------------------------
Debian GNU/Linux.... Ooohh You are missing out!
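
Added example, not part of the original message or thread: a small audit script showing the point made above that the salt sits in the clear inside the /etc/shadow password field, and that traditional crypt has only 4096 salts. The sample entries, the names `classify` and `audit`, and the hash bodies are constructed for illustration.

```python
import re

# Alphabet crypt(3) uses for salt and hash characters (6 bits per character).
A64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
DES_SALT_SPACE = len(A64) ** 2          # two salt characters -> 4096 salts
DES_RE = re.compile(r"[./0-9A-Za-z]{13}")
MCF_NAMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt"}

def classify(field):
    """Return (scheme, salt) for the password field of one shadow entry."""
    if not field or field[0] in "!*":
        return ("locked-or-empty", None)
    if DES_RE.fullmatch(field):
        # Traditional DES crypt: the salt is simply the first two characters.
        return ("des-crypt", field[:2])
    if field.startswith("$"):
        parts = field.split("$")         # ['', id, (rounds=N,) salt, hash]
        name = MCF_NAMES.get(parts[1])
        if name and len(parts) >= 4:
            salt = parts[3] if parts[2].startswith("rounds=") else parts[2]
            return (name, salt)
    return ("unknown", None)

def audit(shadow_text):
    """List (user, scheme, salt) for accounts still on legacy DES crypt."""
    findings = []
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        user, field = line.split(":")[:2]
        scheme, salt = classify(field)
        if scheme == "des-crypt":
            findings.append((user, scheme, salt))
    return findings

# Constructed sample: the hash bodies are placeholders, not real crypt output.
SAMPLE = """\
alice:abCDEFGHIJKLM:10457:0:99999:7:::
bob:$6$rounds=5000$Zx3kQ9/t$PLACEHOLDERHASH:19000:0:99999:7:::
daemon:*:10457:0:99999:7:::
"""

if __name__ == "__main__":
    print("DES crypt salt space:", DES_SALT_SPACE)
    for user, scheme, salt in audit(SAMPLE):
        print(f"{user}: {scheme}, salt {salt!r} stored in the clear")
```

Accounts this reports are candidates for a forced password change under a modern hashing scheme.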