Lost password on Sun Solaris; can it be decrypted | Unix Linux Forums | Solaris

  Go Back    


Solaris The Solaris Operating System, usually known simply as Solaris, is a Unix-based operating system introduced by Sun Microsystems. The Solaris OS is now owned by Oracle.

Lost password on Sun Solaris; can it be decrypted

Solaris


Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 10-15-2007
newbewie newbewie is offline
Registered User
 
Join Date: Sep 2007
Last Activity: 13 December 2007, 10:16 AM EST
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Lost password on Sun Solaris; can it be decrypted

Hi,
I lost my password on few critical sun servers, I have root password though

I don't want to change my password but for some reasons I would like to decrypt my exiting password. Is it possbile and if yes how?

Thanks a million in advance
Sponsored Links
    #2  
Old 12-17-2008
jdfeathe jdfeathe is offline
Registered User
 
Join Date: Nov 2007
Last Activity: 18 December 2008, 1:36 AM EST
Location: Illinois
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Your question doesn't really make a whole lot of sense. Why would you want to crack your own passwd? If you really need to crack a unix passwd, google john the ripper
Sponsored Links
    #3  
Old 12-17-2008
robsonde robsonde is offline
Registered User
 
Join Date: Dec 2007
Last Activity: 27 February 2013, 8:50 PM EST
Posts: 216
Thanks: 2
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by newbewie View Post
Hi,
I lost my password on few critical sun servers, I have root password though

I don't want to change my password but for some reasons I would like to decrypt my exiting password. Is it possbile and if yes how?

Thanks a million in advance
NO.

the password is stored as a one-way hash.
there is no decrypt becasue it is not encrypted as such.
    #4  
Old 12-18-2008
jdfeathe jdfeathe is offline
Registered User
 
Join Date: Nov 2007
Last Activity: 18 December 2008, 1:36 AM EST
Location: Illinois
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
If you're using solaris, with a shadow file for passwords with encryption set to one of the encrytion standards that are supported, john the ripper will crack the password in the shadow file. Not sure what robsonde is talking about ... I've used it a million times to check users passwords.
Sponsored Links
    #5  
Old 12-18-2008
robsonde robsonde is offline
Registered User
 
Join Date: Dec 2007
Last Activity: 27 February 2013, 8:50 PM EST
Posts: 216
Thanks: 2
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by jdfeathe View Post
If you're using solaris, with a shadow file for passwords with encryption set to one of the encrytion standards that are supported, john the ripper will crack the password in the shadow file. Not sure what robsonde is talking about ... I've used it a million times to check users passwords.

there is no decrypt.
john the ripper will crack by testing many times.
john the ripper many run for months with out a result.
Sponsored Links
    #6  
Old 12-19-2008
Perderabo's Avatar
Perderabo Perderabo is offline Forum Staff  
Unix Daemon (Administrator Emeritus)
 
Join Date: Aug 2001
Last Activity: 22 October 2014, 9:03 PM EDT
Location: Ashburn, Virginia
Posts: 9,930
Thanks: 64
Thanked 437 Times in 261 Posts
Quote:
Originally Posted by jdfeathe View Post
If you're using solaris, with a shadow file for passwords with encryption set to one of the encrytion standards that are supported, john the ripper will crack the password in the shadow file. Not sure what robsonde is talking about ... I've used it a million times to check users passwords.

robsonde has it right. If something is encrypted there must be a way to decrypt it. The algorithm used by unix for passwords is a one-way hash that cannot be reversed. JtR works by trying all possible passwords until it finds one that happens to result in the same hashed value. That is not what is meant by decryption. I will say the JtR is very clever at guessing weak passwords though.

We are required to used strong passwords here at work. To verify compliance I have been asked to run JtR. So far:

Code:
guesses: 1  time: 20:17:21:23  c/s: 324328  trying: lmpsps* - lmpsos!

After 20 days, 17 hours, 21 minutes, and 23 seconds, JtR has guessed one password. Note that the author of JtR chose the verb "guess", not "crack", not "decrypt" or anything like that. It may take decades to guess all of the remaining 186 passwords. And I downloaded dozens of carefully chosen dictionaries to help JtR out, which is the only reason that JtR even has one guess so far.
Sponsored Links
    #7  
Old 12-21-2008
robsonde robsonde is offline
Registered User
 
Join Date: Dec 2007
Last Activity: 27 February 2013, 8:50 PM EST
Posts: 216
Thanks: 2
Thanked 0 Times in 0 Posts
I have had JtR running on a SUN T5220.
after 8 weeks...

about 50% gussed, almost all of them dictionary words.
a few users where using there own username as a password.
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
How to pass decrypted password to script Nick1971 Shell Programming and Scripting 1 10-17-2011 10:40 AM
Help with Lost Root Password JoeJohnSmith UNIX for Advanced & Expert Users 3 05-18-2006 01:26 PM
lost root password in AIX Welfaric AIX 4 02-15-2006 06:55 AM
Root Password Lost gonzotonka UNIX for Dummies Questions & Answers 1 03-29-2005 10:09 AM
I lost my password root yanly UNIX for Advanced & Expert Users 4 12-20-2003 03:43 AM



All times are GMT -4. The time now is 01:10 PM.