:00 AM, IBM-MAIN automatic digest system wrote:
>
>> Date:Thu, 18 Aug 2011 08:20:42 -0400
>> From: "Chicklon, Thomas"
>> Subject: Re: Get a user password from RACF.
>>
>>
>> I am not aware of this being documented anywhere. Maybe someone else c
; ID nor the password is stored in the clear for perusal by hackers on the
> RACF data set, or more likely on a backup copy.
>
> regards, Tom
>
> On 2011-08-19 12:00 AM, IBM-MAIN automatic digest system wrote:
>
>> Date:Thu, 18 Aug 2011 08:20:42 -0400
>> From:&qu
2011 08:20:42 -0400
From:"Chicklon, Thomas"
Subject: Re: Get a user password from RACF.
I am not aware of this being documented anywhere. Maybe someone else can
jump in with that info if they have it.
Tom Chicklon
-Original Message-
thanks ,
Is the literature specifyin
Rick Fochtman wrote:
--
Hi all ,
In my previous shop we add TSS instead of RACF . I remember we had a
way to
get a user password but I’m not really familiar what was the background
process.
Is somebody familiar with a method to get a
A little Friday fun...
We all know what the decrypted password is in a RACF database - it's the
user ID!
The trick it to determine the key used to encrypt it in the first
place...
Tom Chicklon
-Original Message-
It could
probably be decrypted, if you've got enough computer time
On Thu, 18 Aug 2011 15:56:39 +0300, Matan Cohen wrote:
>actually there isn't any problem .
>I wanted to know a user password instead of changing it and I remembered
>that in my previously shop this was a something I was doing regularly . So
> I just started interesting in how this was available
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Rick Fochtman
>
>
--
> In my previous shop , it was nessecery for some user to get other
users
> password (and they didn't have the privilige to chan
--
In my previous shop , it was nessecery for some user to get other users
password (and they didn't have the privilige to change any user password) .
For one
Agreed. Maybe a good application for RACF Passtickets?
On Thu, Aug 18, 2011 at 2:14 PM, Cris Hernandez #9
wrote:
> this begs the question... why?
> If you need to use the ID, why not just change the password?
> only answer I can come up with is that the ID's password is embedded in a
> bunch of s
thanks ,
Is the literature specifying the HASH algurithm and where the HASH password
is located?
-
There is no public doc of the exact algorithm and there is no single
"HASH pass
--
Hi all ,
In my previous shop we add TSS instead of RACF . I remember we had a way to
get a user password but I’m not really familiar what was the background
process.
Is somebody familiar with a method to get a user password when u
n out with solutions
that don't involve displaying passwords.
--- On Thu, 8/18/11, Matan Cohen wrote:
> From: Matan Cohen
> Subject: Get a user password from RACF.
> To: IBM-MAIN@bama.ua.edu
> Date: Thursday, August 18, 2011, 7:44 AM
> Hi all ,
>
> In my previous shop we
On Thu, 18 Aug 2011 08:20:42 -0400, Chicklon, Thomas
wrote:
>I am not aware of this being documented anywhere. Maybe someone else can
>jump in with that info if they have it.
>
>
If on the OP's system RACF is for some weird reason configured to use the old,
deprecated, obsolete hashing method
I see. But, if you know one of the old passwords of a user (if you maintain
pw history), you can restore to that password ;-)
ITschak
On Thu, Aug 18, 2011 at 3:56 PM, Matan Cohen wrote:
> actually there isn't any problem .
> I wanted to know a user password instead of changing it and I remembere
actually there isn't any problem .
I wanted to know a user password instead of changing it and I remembered
that in my previously shop this was a something I was doing regularly . So
I just started interesting in how this was available to me in the past and
if it still available to me in RACF .
S
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Chicklon, Thomas
>
> I am not aware of this being documented anywhere. Maybe someone else
can
> jump in with that info if they have it.
>
> Tom Chicklon
>
> -Original Message-
>
> thanks ,
> Is the literatur
Hi Matan,
Listing the password is not possible, as you already know. You don't need to
know the user's password in order to use his access rights (if you are
authorised to do so). RACF let you use other user's authority using the
user.submit profile under the surrogat class. This function is also
Short answer: NOT POSSIBLE.
The provided password is encrypted via a 1-way algorithm. There is no
way to decode this value that I know of.
I am sure Walt Farrell will chime in shortly if I am incorrect.
Is somebody familiar with a method to get a user password when using
RACF ?
--
Unfortunately, this was true. TSS did provided a way to display a users
password. Fortunately, they've seen the light and removed this ability.
Imagine trying to prove any particular user was responsible for
something done with their ID when some number of security admins could
all display, and th
In my previous shop , it was nessecery for some user to get other users
password (and they didn't have the privilige to change any user password) .
On Thu, Aug 18, 2011 at 3:16 PM, Matan Cohen wrote:
> thanks ,
> Is the literature specifying the HASH algurithm and where the HASH password
> is lo
I am not aware of this being documented anywhere. Maybe someone else can
jump in with that info if they have it.
Tom Chicklon
-Original Message-
thanks ,
Is the literature specifying the HASH algurithm and where the HASH
password
is located?
This e-mail transmission contains informati
thanks ,
Is the literature specifying the HASH algurithm and where the HASH password
is located?
On Thu, Aug 18, 2011 at 2:58 PM, Chicklon, Thomas wrote:
> Older releases of Top Secret used to allow for a user's password to be
> displayed with a simple TSS list command. It required the PWVIEW sys
On Thu, 18 Aug 2011 14:44:25 +0300 Matan Cohen
wrote:
:>In my previous shop we add TSS instead of RACF . I remember we had a way to
:>get a user password but Im not really familiar what was the background
:>process.
I greatly doubt it.
:>Is somebody familiar with a method to get a user passwo
Older releases of Top Secret used to allow for a user's password to be
displayed with a simple TSS list command. It required the PWVIEW system
option to be turned on, as well as specific authority on the security
admin's ACID. This ability to display passwords is (fortunately) no
longer available.
Hi all ,
In my previous shop we add TSS instead of RACF . I remember we had a way to
get a user password but I’m not really familiar what was the background
process.
Is somebody familiar with a method to get a user password when using RACF ?
I assume RACF DB is holding the DB in hash base on a
25 matches
Mail list logo
