- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- crack on trusted system
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-24-2004 11:07 PM
06-24-2004 11:07 PM
Iâ m running crack to check whether or not my users are using password that are not guessable. My problems are what do I do on a trusted system. Is there somebody out there that have created a script to merge /tcb/files/auth and /etc/passwd into a separate file?
This is my go:
#!/usr/bin/ksh
for i in $(cat /etc/passwd | cut -b 1)
do
cd /tcb/files/auth/$i
for j in $(ls $PWD)
do
echo $j
for k in $(cat $j | grep u_pwd | cut -d : -f 2 | cut -d = -f 2)
do
echo $k
done
done
done
This only creates a list of users and there password encrypte
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2004 12:32 AM
06-25-2004 12:32 AM
Solutioncat /tcb/files/auth/?/* | awk '
/u_name/ { split($0,a,":|=|#"); name=a[3]; uid=a[5]; }
/u_pwd/ { split($0,a,":|="); pass=a[3]; }
pass != "" {
printf("%s:%s:%s:0:No Name:/home:/usr/bin/false\n",name,uid,pass);
pass="" ; name="" ; uid="";
}
'
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2004 05:16 AM
06-25-2004 05:16 AM
Re: crack on trusted system
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2004 05:38 AM
06-25-2004 05:38 AM
Re: crack on trusted system
do
pass=`cat /tcb/files/auth/?/$i|grep "u_pwd"|awk -f : '{print $2}'`
grep $i /etc/passwd|awk -F : -v x=${pass}'{print $1:$x:$3:$4:$5:$6:$7}' >> /tmp/pass_file
done
Anil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2004 05:40 AM
06-25-2004 05:40 AM
Re: crack on trusted system
Worked out just fine.
On Shadowed systems let crack attack a copy of the shadow file.
DO NOT, under any circumstances let crack actually touch the real password file.
Bad things can happen.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2004 06:03 AM
06-25-2004 06:03 AM
Re: crack on trusted system
Even with the basic triviality checks, the user password is supposed to have at least two alphabetic characters and at least one numeric or special character. As far as I can reach, "crack" only tries to guess the password from the dictionary database it has.
I would be curious to know if you managed to crack any trusted system password.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2004 03:43 PM
06-25-2004 03:43 PM
Re: crack on trusted system
crack will have troubles with imbedded numbers (bi26llh) and mixed case (bIllH) as well as non-words (g7fG4tT). Of course, humans have big problems with g7fG4tT also).
Whether the system is standard, Trusted or uses a shadow password, the encryption is the same (man crypt and makekey). The crypt process is lossy which means that there is no decryption possible, only guessing which crack performs. Once you have the actual encrypted password fields, crack just does a brute force guess using the dictionary and applying variations. crack 5.0 has dozens of rule definitions so you can customize the variant searches (and drastically increase the amount of CPU time).
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2004 05:17 PM
06-26-2004 05:17 PM
Re: crack on trusted system
This is my version of make_passwd script.
cp /etc/passwd tmp$$
while read line
do
USER=$(echo $line|awk '{FS=":";print $1}')
echo "making entry for $USER"
FL=$(echo $USER|cut -c 1)
ENC=$(grep "u_pwd" /tcb/files/auth/${FL}/${USER} |awk '{FS="=";print $2}' |awk '
{FS=":";print $1}')
echo $line |awk -v enc=$ENC -F":" '{$2=enc;OFS=":";print $0}' >> crack_pa
sswd
done < tmp$$
rm tmp$$
I like crack. It gives you an ability to specify your custom dictionaries. One of the features of my dream IT datacenter is running a dedicated system that runs nothing but Crack program constantly gathering and crunching the password files from all other systems in a round-robin fashion. But for me rule 1 is not giving a user choice to set weak passwords. This can be controlled by trusted features as well making use of /etc/default/security file. Crack comes next.
-Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2004 05:17 PM
06-26-2004 05:17 PM
Re: crack on trusted system
This is my version of make_passwd script.
cp /etc/passwd tmp$$
while read line
do
USER=$(echo $line|awk '{FS=":";print $1}')
echo "making entry for $USER"
FL=$(echo $USER|cut -c 1)
ENC=$(grep "u_pwd" /tcb/files/auth/${FL}/${USER} |awk '{FS="=";print $2}' |awk '
{FS=":";print $1}')
echo $line |awk -v enc=$ENC -F":" '{$2=enc;OFS=":";print $0}' >> crack_pa
sswd
done < tmp$$
rm tmp$$
I like crack. It gives you an ability to specify your custom dictionaries. One of the features of my dream IT datacenter is running a dedicated system that runs nothing but Crack program constantly gathering and crunching the password files from all other systems in a round-robin fashion. But for me rule 1 is not giving a user choice to set weak passwords. This can be controlled by trusted features as well making use of /etc/default/security file. Crack comes next.
-Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-14-2004 01:12 AM
07-14-2004 01:12 AM
Re: crack on trusted system
I prefer John The Ripper myself. I've also compiled a 900K word dictionary if you're ever interested.
Michael