[Chicago-talk] accessing NIS password

Jess Balint jbalint at gmail.com
Tue Mar 14 06:28:06 PST 2006


Darren:

 

Sorry about the previous email, I was only trying to give an example of the
algorithm used to generate the encoded password, not suggesting you write it
in Java. With the Crypt::PasswdMD5 module, it's very simple. You just had
one thing missing. I trimmed the program down to give just what you needed,
here it the example:

 

my $plainfromuser = 'swhaga';

 

# from getpwd()

$passwd = '$1$XHjgqURT$QW0eZNAONaXd2XPqkxwce1';

 

use Crypt::PasswdMD5;

 

my $md5salt = (split(/\$/, $passwd))[2];

 

# $1$ designates 'unix' md5 crypt

# MD5 salt, should be the (up to) 8 chars in between $'s in the encoded
passwd,

# see Crypt::PasswdMD5 source code for details

my $xpass = unix_md5_crypt($plainfromuser, $md5salt);

 

print "MD5salt: $md5salt\n";

print "passwd              " . $passwd . "\n";

print "MD5 Crypt pass      " . $xpass . "\n";

 

Jess

 

  _____  

From: chicago-talk-bounces+jbalint=gmail.com at pm.org
[mailto:chicago-talk-bounces+jbalint=gmail.com at pm.org] On Behalf Of Richard
Reina
Sent: Monday, March 13, 2006 10:19 AM
To: lembark at wrkhors.com; chicago-talk at mail.pm.org
Subject: Re: [Chicago-talk] accessing NIS password

 

Dear Steve,

Thank you very much for the reply.  The articles returned in your search
highlight some of the differences between crypt, MD5 and blowfish
encryption, chiefly which versions of *nix use which and how to encrypt a
raw password.  I have incorporated those encryption schemes into the script
below and while the results are very interesting none of them match the
linux password returned by getpwnam() for the given user -- which is not the
x shadow.

#!/usr/bin/perl5 -w

my $username = 'gerald';
my $plainfromuser = 'swhaga';
my $currentsalt;

my ($name, $passwd, $uid, $gid, $quota, $comment,
 $gcos, $dir, $shell) = getpwnam($username);

# crypt salt
$currentsalt = substr($passwd,0,2);

# 8 random chars
my $key = "justakey";

my $cpass = crypt($plainfromuser, $currentsalt);

use Crypt::PasswdMD5;

my $xpass = unix_md5_crypt($plainfromuser, '$1$', $currentsalt);

my $ypass = crypt($plainfromuser, '$1$' . $key);

use Digest::MD5 qw(md5_base64);

my $zpass = $currentsalt . md5_base64("$currentsalt/$plainfromuser/$key");

print "passwd              " . $passwd . "\n";
print "Crypt pass          " . $cpass . "\n";
print "MD5 Crypt pass      " . $xpass . "\n";
print "Crypt pass MD5 salt " . $ypass . "\n";
print "MD5_base64 pass     " . $zpass . "\n";

******************************************************
results
******************************************************
passwd                             $1$XHjgqURT$QW0eZNAONaXd2XPqkxwce1
Crypt pass                        $1ayHHS8s0NWw
MD5 Crypt pass                $1$$lCe7AyTRcjUyl7Fdn1T4g0
Crypt pass MD5 salt          $1$justakey$uxo5dkFTrnz.u7gtyf/QQ.
MD5_base64 pass             $14RkT9PfSsSaSoWswj/JaDg

As one can see none of the encyptions match the encypted password that I
myself have set up for the bogus user "gerald" on our system.  Any help
would be greatly appreicated.

Thank you for your attention.

Richard



A people that values its privileges above its principles soon loses both.
-Dwight D. Eisenhower.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pm.org/pipermail/chicago-talk/attachments/20060314/d9eaeeb0/attachment.html


More information about the Chicago-talk mailing list