[4188] in WWW Security List Archive
Re: re-mail
daemon@ATHENA.MIT.EDU (Warren Belfer)
Wed Jan 29 20:53:28 1997
Date: Wed, 29 Jan 1997 15:21:50 -0800
To: Alexandre Alvarenga <xande@venus.rdc.puc-rio.br>
From: Warren Belfer <wbelfer@jupiter.Legato.COM>
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
At 04:21 AM 3/1/97 -0300, Alexandre Alvarenga wrote:
>Thanks for the purpose of passwd file....
>I'd love it....
>But...i'm in trouble...
>When i get the passwd file from unix...it is encrypted...
>How can i decrypt it to use a passwd cracker from unix?
Sorry, but it doesn't work like that. The UNIX password file is one way
encrypted and is not meant to be decrypted. When you login, the login
binary uses the same encryption technique to encrypt the password you type
in and then compare it to what is in the passwd file. Crack programs do
the same thing, they use something, often a dictionary, to generate and
then encrypt huge numbers of passwords that are then compared with the
encrypted password in the passwd file. Takes a while, but it is amazing
what you can do with a fast machine.
Warren
>I'd like to obtain a answer....
>Thanks all
>By xande
>
>
>
