01-09-2012
Cracking complex passwords (/etc/shadow)
I'm doing some labs regarding password cracking on Linux machines. I took the shadow file from one of my virtual machines and it looks like below:
bruno:$1$mrVjnhtj$bg47WvwLXN4bZrUNCf1Lh.:14019:0:99999:7:::
From my understanding the most important piece regarding password cracking on linux are indicated below:
bruno ==> username
$1$ ==> Indicates MD5 type
mrVjnhtj ==> Salt
bg47WvwLXN4bZrUNCf1Lh. ==> Encrypted salted and hashed password.
In this specific case my password is "windows".
However, let suppose that I don't know the password. I found that there are lot of MD5 rainbow tables available out there, however, these rainbow tables do not accept "shadowed" MD5 hashes. So AFAIK, I'd need a tool to convert my shadowed hash "$1$mrVjnhtj$bg47WvwLXN4bZrUNCf1Lh." into a simple MD5 hash. And then run the pure MD5 hash against a rainbow table.
Can somebody confirm if this is procedure is the correct one for complex passwords? Also what tools could be used to do this convertion?
Note: A more complex password exame would be:
bruno2:$1$F.MtLWar$6qb9wk66ySUrhI3OQzW3n0:14896:0:99999:7:::
Any info will be very appreciated.
THanks,
Bruno
4 More Discussions You Might Find Interesting
1. Solaris
I want to import my passwd/shadow files from Solaris 6 to Solaris 10. I found that the encryption method for passwords has changed. Is there a command or script to convert the Solaris 6 passwords to Solaris 10? I have searched the net and just can't seem to find the answer.
For Example:
The... (6 Replies)
Discussion started by: westsiderick
6 Replies
2. UNIX for Dummies Questions & Answers
i am using a scounix server with oracle8i.one fine morning it says 'incorrect
login' for the root.But the oracle user is logged in and the Database is ready for use.But the server is switched off without proper shutdown.Please suggest some way to get the root password without any reinstallation. (2 Replies)
Discussion started by: thenmozhi
2 Replies
3. Programming
I'm writing a 'C' program on various systems (HP-UX, Solaris, AIX, NCR) which needs to interact with a user's password. Some of my systems are using the shadow password and some are not. It is possible for some of my systems to have /etc/shadow, even though the box is not using the file (I know,... (4 Replies)
Discussion started by: chrisc@nwark.ne
4 Replies
4. UNIX for Advanced & Expert Users
I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies
pwconv(1M) System Administration Commands pwconv(1M)
NAME
pwconv - installs and updates /etc/shadow with information from /etc/passwd
SYNOPSIS
pwconv
DESCRIPTION
The pwconv command creates and updates /etc/shadow with information from /etc/passwd.
pwconv relies on a special value of 'x' in the password field of /etc/passwd. This value of 'x' indicates that the password for the user is
already in /etc/shadow and should not be modified.
If the /etc/shadow file does not exist, this command will create /etc/shadow with information from /etc/passwd. The command populates
/etc/shadow with the user's login name, password, and password aging information. If password aging information does not exist in
/etc/passwd for a given user, none will be added to /etc/shadow. However, the last changed information will always be updated.
If the /etc/shadow file does exist, the following tasks will be performed:
Entries that are in the /etc/passwd file and not in the /etc/shadow file will be added to the /etc/shadow file.
Entries that are in the /etc/shadow file and not in the /etc/passwd file will be removed from /etc/shadow.
Password attributes (for example, password and aging information) that exist in an /etc/passwd entry will be moved to the corre-
sponding entry in /etc/shadow.
The pwconv command can only be used by the super-user.
FILES
/etc/opasswd
/etc/oshadow
/etc/passwd
/etc/shadow
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
SEE ALSO
passwd(1), passmgmt(1M), usermod(1M), passwd(4), attributes(5)
DIAGNOSTICS
pwconv exits with one of the following values:
0 SUCCESS.
1 Permission denied.
2 Invalid command syntax.
3 Unexpected failure. Conversion not done.
4 Unexpected failure. Password file(s) missing.
5 Password file(s) busy. Try again later.
6 Bad entry in /etc/shadow file.
SunOS 5.10 9 Mar 1993 pwconv(1M)