Date: Tue, 5 Dec 2006 21:12:36 +0000 (GMT) From: Danett song <danett18@...oo.com.br> To: john-users@...ts.openwall.com Subject: OpenUnix 8 hash format is not the normal DES? Hi there, I got a new machine, it's a OpenUnix 8 running in ia32, so I solved to check how it the password format. At first look it appear like a Linux system which use /etc/passwd and /etc/shadow. A example entry is: # cat /etc/passwd|grep test test:x:155:1::/home/test:/bin/sh # cat /etc/shadow|grep test test:B1x0F/cug2meE:13487:::::: The password is "test1234567". If I use john (including my password at wordlist) it found my password as a DES (only showing the first 8 characters, since in DES the rest is truncated). # john -wordfile:wordlist.txt pwd Loaded 1 password (Standard DES [48/64 4K]) test1234 (test) guesses: 1 time: 0:00:00:00 100% c/s: 512 trying: amor - amux Perfect, however if I try log in the OpenUnix 8 with user test and password test1234 it always fail. I tryed via telnet, with su (and typing the password manualy, copying it from clipboard, etc). So in short it's not a mistake mine in the type process. I also looked system for possible alternate password file in /etc/default/password and /etc/security/ but I can't find. I also tryed locate in /etc files having the string "root:" which can indicate a alternate password file. # find /etc -type f -mount |xargs fgrep -le "root:" /etc/conf/cf.d/unix /etc/conf/pack.d/fs/Driver_atup.o /etc/conf/pack.d/fs/Driver_mp.o /etc/conf/pack.d/fs/_drv.o /etc/group /etc/init.d/RFC1006init /etc/mail/cf/README /etc/shadow /etc/ogroup /etc/oshadow /etc/passwd /etc/rc0.d/K69rfc1006 /etc/rc1.d/K69rfc1006 /etc/rc2.d/S69rfc1006 /etc/saf/nbcots/_pmtab /etc/saf/tcp/_pmtab /etc/security/seclevel/high/script /etc/security/seclevel/improved/script /etc/security/seclevel/low/script /etc/security/seclevel/traditional/script /etc/opasswd I checked each file and the unique that have password entrys are: /etc/shadow /etc/oshadow /etc/passwd /etc/opasswd However looking at documentation, this opasswd and oshadow are copys of original files (equivalento to passwd- and shadow- in Linux). In the man passwd I found a intersting text: "Passwords must be constructed to meet the following requirements: * Each password must have at least PASSLENGTH characters as defined in /etc/default/passwd. PASSLENGTH must be at least 3. The first 80 characters of a password are treated as significant (this is the value of PASS_MAX in /usr/include/limits.h)." It say it's able to TRAT UP TO 80 characters? How can it be possible using DES? So my doubt goes, how OpenUnix 8 appear to use DES and is able to store and compare password bigger than 8 characters? Also, is there a way to crack the full password using John in wordlist mode? Ideas and solutions are welcome. Thank you and cheers, --------------------------------- Yahoo! Search Música para ver e ouvir: You're Beautiful, do James Blunt
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.