On Thu, 2003-08-28 at 23:44, Michael H. Warfield wrote:
> On Sun, Aug 20, 2006 at 02:39:34PM -0300, Marcos de Souza Trazzini wrote:
> > My question is very _SIMPLE_ :
> 
> > There-s a form to decrypt the passwords stored in /etc/shadow file?
> 
>       Simple answer...
> 
>       No, of course not.  If there were, that would be a bug.
> 
>       Longer answer...
> 
>       What is in the shadow file is NOT encrypted passwords.  They are
> password hashes.  The hashes can not be reversed.  That's the whole idea.
> You take a seed (a somewhat random 128 bit number for md5 hashes) and the
> password and generate a hash (md5 for example) of the value.  The hash and
> the seed get stored in the shadow file.  If you want to validate the password,
> you take the seed from the shadow file and combine it with the putative
> password and take the hash of that.  If it matches the hash in the shadow
> file, the password must have matched the original password and it passes.
> If the hashes don't match, then the passwords didn't match and it fails.
> You NEVER have to reverse the hash and recover the plaintext password
> from the hash.  The seed is there to ensure that if two instances
> (accounts) use the same password, they DON'T get the same hash (because
> the seeds are different) making brute force guessing and precomputed
> dictionary hash attacks nigh unto impossible.
> 
>       Best you can do is brute force guessing different passwords.
> John the Ripper or Crack do a pretty fair job against lame passwords.
> Against good passwords, you don't stand much of a chance.  Unfortunately,
> few people use good passwords...  :-(
> 
> > -- 
> > redhat-list mailing list
> > unsubscribe mailto:[EMAIL PROTECTED]
> > https://www.redhat.com/mailman/listinfo/redhat-list
> 
>       Mike

Yeah, John The Ripper simply takes some randomly generated passwords,
makes MD5 hashes in the same way that shadow does, and compares them with
the MD5 hash in the shadow file.

Note, John successfully decrypted my "personal" password, a numeric-only
string of 8 numbers, but has been running for 3 days and hasn't done the
same for my root password, which contains 12 characters, numbers and
letters... :-(

-- 
Marcos de Souza Trazzini <[EMAIL PROTECTED]>
Servmicro Informática LTDA
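The salt-and-verify scheme Mike describes, and the guessing attack Marcos ran, as an added example (not code from this thread or from John the Ripper). The hashing scheme below is a hypothetical simplified salted-MD5 stand-in that only mimics the "$id$salt$hash" layout of /etc/shadow; the real $1$ md5crypt algorithm uses a more involved mixing schedule. The account names, wordlist and ROUNDS value are constructed for the demo.

```python
import hashlib
import hmac
import itertools
import os
import string
from typing import Iterable, Optional

# Hypothetical iteration count for this demo scheme (not the real md5crypt).
ROUNDS = 1000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a shadow-style "$demo$<salt hex>$<hash hex>" string.

    A fresh 128-bit salt is drawn for every call unless one is supplied
    (verification re-supplies the stored salt).  Nothing here can be run
    backwards: the only way to get from the hash to the password is to guess.
    """
    if salt is None:
        salt = os.urandom(16)          # per-account random seed
    digest = salt + password.encode()
    for _ in range(ROUNDS):            # iterated MD5 over salt + password
        digest = hashlib.md5(digest + salt).digest()
    return "$demo$" + salt.hex() + "$" + digest.hex()


def verify_password(candidate: str, stored: str) -> bool:
    """Recompute the hash with the stored salt and compare, never decrypt."""
    _, scheme, salt_hex, _ = stored.split("$")
    if scheme != "demo":
        raise ValueError("unsupported hash scheme: " + scheme)
    recomputed = hash_password(candidate, bytes.fromhex(salt_hex))
    return hmac.compare_digest(recomputed, stored)   # constant-time compare


def dictionary_attack(stored: str, wordlist: Iterable[str]) -> Optional[str]:
    """What a cracker does: hash each guess with the victim's salt, compare."""
    for word in wordlist:
        if verify_password(word, stored):
            return word
    return None


def brute_force_numeric(stored: str, length: int) -> Optional[str]:
    """Exhaust all digit-only strings of the given length (10**length guesses)."""
    for digits in itertools.product(string.digits, repeat=length):
        guess = "".join(digits)
        if verify_password(guess, stored):
            return guess
    return None


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of guesses an exhaustive search must consider."""
    return alphabet_size ** length


if __name__ == "__main__":
    # Constructed sample accounts: two users sharing a password, one strong one.
    shadow = {
        "alice": hash_password("12345678"),
        "bob":   hash_password("12345678"),
        "root":  hash_password("Kq7mZp2xRt9L"),
    }
    print(shadow["alice"] != shadow["bob"])          # same password, different salt
    print(verify_password("12345678", shadow["bob"]))
    print(dictionary_attack(shadow["alice"], ["password", "letmein", "12345678"]))
    print(keyspace(10, 8), "vs", keyspace(62, 12))   # 8 digits vs 12 alphanumerics
```

The keyspace figures are the point of Marcos's observation: 8 digits is 10^8 guesses, which a cracker finishes quickly, while 12 mixed letters and digits is 62^12, roughly 3 x 10^21, which no amount of patience covers. The per-account salt also means each account must be attacked separately; a guess hashed for alice cannot be reused against bob.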

