HPE Community
Operating System - HP-UX
1819694 Members
3459 Online
109605 Solutions
New Discussion юеВ

decrypt password in the /etc/password file

 
SOLVED
Go to solution
Scott Clement_2
Advisor

тАО08-26-2004 08:33 AM

тАО08-26-2004 08:33 AM

decrypt password in the /etc/password file

I have a user ID in the password file that the password has been forgotten and could be imbedded in some applications so we do not want to change the password. Any ideas?
0 Kudos
Reply
5 REPLIES 5
Patrick Wallek
Honored Contributor

тАО08-26-2004 08:37 AM

тАО08-26-2004 08:37 AM

Solution

Re: decrypt password in the /etc/password file

Change the password and see what breaks.

There is no way I know of to decrypt an encrypted password.
Reply
Sundar_7
Honored Contributor

тАО08-26-2004 08:39 AM

тАО08-26-2004 08:39 AM

Re: decrypt password in the /etc/password file

The passwords in /etc/passwd cannot be decrypted. They are "HASHED" passwords.

You can download crack from the internet and run against your encrypted password. If you are lucky, it wil break the password for you :-).

Other than that, I dont believe there is no any other way out.
Learn What to do ,How to do and more importantly When to do ?
Reply
Jim Mallett
Honored Contributor

тАО08-26-2004 08:42 AM

тАО08-26-2004 08:42 AM

Re: decrypt password in the /etc/password file

The previous admin here had installed a program called Crack. I messed around with it a little before I went to a Trusted System and was able to crack about 75% of the user passwords. (Evidently people like Disney World).

I cringe at the thought of this being freely downloadable but:
http://hpux.connect.org.uk/hppd/hpux/Sysadmin/crack-5.0/

Good luck...and stay away from my systems!

Jim
Hindsight is 20/20
Reply
Bill Hassell
Honored Contributor

тАО08-26-2004 10:17 AM

тАО08-26-2004 10:17 AM

Re: decrypt password in the /etc/password file

As mentioned, passwords in HP-UX cannot be decrypted. There is no 1:1 relationship between the encryption and the original password. But as you've seen, tools like Crack and John the Ripper take a large dictionary of common words (including movie stars, science fiction characters, comic strip characters, etc) and does a brute force guess. Industry stats (after 20 years) still show the same percentages: 60% of the passwords can be found by these dictionary guessers.

AS you have now seen, imbedded passwords are a bad design and should be replaced since changing the password is no longer a simple task, as important as that is.


Bill Hassell, sysadmin
0 Kudos
Reply
R. Sri Ram Kishore_1
Respected Contributor

тАО08-26-2004 04:41 PM - last edited a month ago by

тАО08-26-2004 04:41 PM - last edited a month ago by

Re: decrypt password in the /etc/password file

Hi Scott,

"Unix passwords cannot be decrypted. Unix passwords are encrypted with a one way function. The login program accepts the text you enter at the "Password:" prompt and then runs it through a cryptographic algorithm. The results of that algorithm are then compared against the encrypted form of your Unix password stored in the passwd file.

On a more technical level, the password that you enter is used as a key to encrypt a 64-bit block of NULLs. The first seven bits of each character are extracted to form a 56-bit key. This means that only eight characters are significant in a standard Unix password. The E-table is then modified using the salt, which is a 12-bit value, coerced into the first two chars of the stored passwd. The salt's purpose is to make precompiled password lists and DES hardware chips more time consuming to use. DES is then invoked for 25 iterations. The 64-bit output block and is then coerced into a 64-character alphabet (A-Z,a-z,".","/"). This involves translations in which several different values are represented by the same character, which is why Unix passwords cannot be decrypted.

Unix password cracking software uses wordlists to implement a dictionary attack. Each word in the wordlist is encrypted using the algorithm described above and the salts from the password file. The results are then compared to the encrypted form of the target password.

To crack Unix passwords under Unix or DOS/Windows, try John the Ripper. For the Macintosh, try Killer Cracker or Mac Krack."
http://www.ouah.org/crmi001en.htm[Moderator edit: Removed the broken link.]
https://www.cs.swarthmore.edu/oldhelp/password-security.html
Also, read this nice paper on the same topic:
http://www.ja.net/CERT/Belgers/UNIX-password-security.html

HTH.

Regards,
Sri Ram

"What goes up must come down. Ask any system administrator."
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.