Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 Jan 2007 14:26:07 -0300 (ART)
From: Danett song <danett18@...oo.com.br>
To: john-users@...ts.openwall.com
Cc: solar@...nwall.com
Subject: Re: OpenUnix 8 hash format is not the normal DES?

Hi Solar Designer,
  
  >Sure it does, however it appears that you've replaced some characters
  >before posting in here.  Also, the asterisk before this string is not a
  >part of the hash.  It may mean a locked account or it may be a part of
  >the binary file format.
  
  You are right in both afirmations. I changed some characters of the  hash, also the * is part of the original hash (and yes, this account is  looked).... but the output is only like that, very similar to the  output I pasted in last e-mail...
  
  
  >It might be the easiest to have the system do this for you.  Please try
  >this Perl one-liner (invoke it as root):
  
  >perl -e 'print "$n:$p:$u:$g:$f:$d:$s\n" while ($n,$p,$u,$g,$q,$c,$f,$d,$s) = >getpwent()'
  
  Unhapply it doesn't work as expected, it show all informations, expect the hashs...
  
  root:x:0:3:0000-Admin(0000):/:/sbin/sh
  daemon:x:1:12:0000-Admin(0000):/:
  bin:x:2:2:0000-Admin(0000):/usr/bin:
  sys:x:3:3:0000-Admin(0000):/:
  adm:x:4:4:0000-Admin(0000):/var/adm:
  uucp:x:5:5:0000-uucp(0000):/usr/lib/uucp:
  mail:x:6:6:Mail Processes:/etc/mail:
  nuucp:x:10:10:0000-uucp(0000):/var/spool/uucppublic:/usr/lib/uucp/uucico
  nobody:x:60001:60001:uid no body:/:
  noaccess:x:60002:60002:uid no access:/:
  .....
  ...
  
  Or it open the wrong file (/etc/passwd instead of master/shadow), or it  use a different format ($n, $p, $u, ....) in perl for openunix 8, ....
  
  The second one (format problem) isn't the case, since when i call  directly getpwent() from perl, it show all output less the hashs....
  
  So hard to get the real hashs from this Unix, lollll :(
  
  Any more ideas Solar? The more hard ones now (or do you have a trick for the perl one)? hehe
  
  Thank you
  
  Cheers
  

Solar Designer <solar@...nwall.com> escreveu:  On Sat, Jan 13, 2007 at 11:27:44AM +0300, Danett song wrote:
> Solar, for you the entire string (*5v21dw01yuPiGDVreR5kDDvT) looks like  some algorithm ?

Sure it does, however it appears that you've replaced some characters
before posting in here.  Also, the asterisk before this string is not a
part of the hash.  It may mean a locked account or it may be a part of
the binary file format.

> Any idea how to convert this file to text file, like the /etc/shadow (in a fashion we can read this)?

It might be the easiest to have the system do this for you.  Please try
this Perl one-liner (invoke it as root):

 perl -e 'print "$n:$p:$u:$g:$f:$d:$s\n" while ($n,$p,$u,$g,$q,$c,$f,$d,$s) = getpwent()'

-- 
Alexander Peslyak 
GPG key ID: 5B341F15  fp: B3FB 63F4 D7A3 BCCC 6F6E  FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments

Was I helpful?  Please give your feedback here: http://rate.affero.net/solar

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.



 __________________________________________________
Fale com seus amigos  de graša com o novo Yahoo! Messenger 
http://br.messenger.yahoo.com/ 

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ