On Sun, Mar 27, 2011 at 22:23, Anish A <aneesh...@gmail.com> wrote:

> The file is /etc/passwords
>
> >But it is stored in one side encrypted form. That means, you cannot get
> back the >original password but you can check with the input to see whether
> the password is >correct or not.
>

It is a  one way hash

>See http://en.wikipedia.org/wiki/MD5 for details about how it is encrypted.
> --
> Regards,
> Anish A
>

MD5 is not an encryption mechanism. Its a checksum mechanism. Moreover in
distro's like Ubuntu they use sha1sum or sha512 hash of the password.

MD5 can be easily cracked using rainbow tables.

/etc/password just has the metadata of the user.
/etc/shadow has the hash of the password.

These two file can be given as the input of *John the Ripper* in order to
brute force.

Arjun S R <arjun1...@gmail.com>
College Of Engineering,Trivandrum <http://www.cet.ac.in/home.php>
Facebook : http://www.facebook.com/Arjun.S.R
Twitter: http://twitter.com/Arjun_S_R

-- 
"Freedom is the only law". 
"Freedom Unplugged"
http://www.ilug-tvm.org

You received this message because you are subscribed to the Google
Groups "ilug-tvm" group.
To control your subscription visit 
http://groups.google.co.in/group/ilug-tvm/subscribe
To post to this group, send email to ilug-tvm@googlegroups.com
To unsubscribe from this group, send email to
ilug-tvm-unsubscr...@googlegroups.com



For details visit the google group page: 
http://groups.google.com/group/ilug-tvm?hl=en

Reply via email to