Date: Tue, 14 Apr 98 17:19:10 +0200 From: THIERRY.HERBELOT@telspace.alcatel.fr To: panda@peace.com.my Cc: freebsd-questions@FreeBSD.ORG Subject: =?ISO-8859-1?Q?R=E9p_:_Crack=5Fon=5FFBSD?= Message-ID: <H000057c014f8f21@MHS> In-Reply-To: <3.0.32.19980409020411.00ecf9a8@peace.com.my>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello
There are two problems :
1/ running the Crack program on a given Machine/OS combination (which
the Crack manual deals with - or you could get by with the port ....)
2/ having Crack "crack-ing" your password database : if the passwords
are encrypted via the MD5 method, there is no way Crack could discover
them (it can only find password encrypted via DES)
Hope this helps
TfH
____________________________ Séparateur Réponse ________________________________
Objet : Crack_on_FBSD
Auteur : panda@peace.com.my
Date : 08/04/98 19:41
Thank you for the explanation, Thierry, though I'm still
rather confused.
I had already checked the archives and found the MD5/DES posts
but thought that they dealt with a different problem since the
Crack manual mentioned configuration for FreeBSD.
Strange to have a port of Crack available at all then, no ?
And strange that it still managed to come up with 2 of the passwds.
Cheers,
chas
> You could check it on the mailing llist archive : passwords beginning
> with $1$ are crypted with the MD5 library. Crack tries to discover
> passwords crypted with the (standard) DES library : it's completely
> normal that you can't find back HELLO.
>
> AFAIK, there is no method to automatically convert your password
> database from MD5 crypting to DES crypting (you would need a tool to
> automatically discover the source passwords "in the clear" first, and
> all crypting methods try hard making such tolls impossible to have -
> except if your name is NSA)
>
> good luck
>
> TfH
>
>
>
>
>____________________________ Séparateur Réponse
________________________________
>Objet : Crack on FBSD - how to make it more thorough ?
>Auteur : panda@peace.com.my
>Date : 08/04/98 17:28
>
>
>I installed Crack-5.0 using the package (not the port) and >it
seems to function, but I'm not sure it's working properly. >I
changed the shadmrg script to merge the /etc/passwd and
>/etc/master.passwd and ran Crack on the output.
>
>Crack was finished in less than 10 seconds.
>OK, so I only have 100 users on this system but I thought
>that this would be still quite an intensive task to run.
>
>Before this, I'd added a 'dummy' userid with passwd "HELLO"
>so that I could check that crack was actually doing
>something but strangely, Crack didn't find that (and
>I wouldn't have thought "HELLO" was a particularly
>intelligent passwd). Fortunately, Crack did discover
>2 users with ridiculously easy passwds (since corrected).
>so I knew it was doing something.
>
>Looking at conf/dictrun.conf, I see that nearly all the
>rules were employed. Should it really have run so fast ?
>
>the Reporter also showed the following errors for all user :
>
>E:0:bad format: output.txt: username:$1$NTG2CU1tFICN2VX20:1029:1006:U
>ser &:/home/username:/bin/sh
>
>I was running Crack on a file output.txt, which was the output
>of running scripts/shadmrg.fbsd, based on the supplied shadmrg.sv :
>
>SHADOW=/etc/master.passwd
>PASSWD=/etc/passwd
>
>(
> sed -e 's/^/STAG:/' < $SHADOW
> sed -e 's/^/PTAG:/' < $PASSWD
>) |
>awk -F: '
>BEGIN {
> OFS=":";
>$1 == "STAG" {
> pw[$2] = $3;
> next;
>}
>$1 == "PTAG"{
> $3 = pw[$2];
> print $0;
>
>}' |
>
>I'm afraid I'm not an awk guy so if I just swapped the variable
>names at the top.
>
>Anyway, if there are any other changes that need to be done
>to get crack to work perform a more thorough check on FBSD ?
>
>chas
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message
>
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?H000057c014f8f21>