[Chicago-talk] accessing NIS password

Richard Reina richard at rushlogistics.com
Mon Mar 13 07:19:28 PST 2006


Dear Steve,
 
 Thank you very much for the reply.  The articles returned in your search highlight some of the differences between crypt, MD5 and blowfish encryption, chiefly which versions of *nix use which and how to encrypt a raw password.  I have incorporated those encryption schemes into the script below and while the results are very interesting none of them match the linux password returned by getpwnam() for the given user -- which is not the x shadow.
 
 #!/usr/bin/perl5 -w
 
 my $username = 'gerald';
 my $plainfromuser = 'swhaga';
 my $currentsalt;
 
 my ($name, $passwd, $uid, $gid, $quota, $comment,
  $gcos, $dir, $shell) = getpwnam($username);
 
 # crypt salt
 $currentsalt = substr($passwd,0,2);
 
 # 8 random chars
 my $key = "justakey";
 
 my $cpass = crypt($plainfromuser, $currentsalt);
 
 use Crypt::PasswdMD5;
 
 my $xpass = unix_md5_crypt($plainfromuser, '$1$', $currentsalt);
 
 my $ypass = crypt($plainfromuser, '$1$' . $key);
 
 use Digest::MD5 qw(md5_base64);
 
 my $zpass = $currentsalt . md5_base64("$currentsalt/$plainfromuser/$key");
 
 print "passwd              " . $passwd . "\n";
 print "Crypt pass          " . $cpass . "\n";
 print "MD5 Crypt pass      " . $xpass . "\n";
 print "Crypt pass MD5 salt " . $ypass . "\n";
 print "MD5_base64 pass     " . $zpass . "\n";
 
******************************************************
 results
 ******************************************************
passwd                             $1$XHjgqURT$QW0eZNAONaXd2XPqkxwce1
 Crypt pass                        $1ayHHS8s0NWw
 MD5 Crypt pass                $1$$lCe7AyTRcjUyl7Fdn1T4g0
 Crypt pass MD5 salt          $1$justakey$uxo5dkFTrnz.u7gtyf/QQ.
 MD5_base64 pass             $14RkT9PfSsSaSoWswj/JaDg
 
 As one can see none of the encyptions match the encypted password that I myself have set up for the bogus user "gerald" on our system.  Any help would be greatly appreicated.
 
 Thank you for your attention.
 
 Richard
 


A people that values its privileges above its principles soon loses both.
 -Dwight D. Eisenhower.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/chicago-talk/attachments/20060313/650cc1a1/attachment.html


More information about the Chicago-talk mailing list