HPE Community
Operating System - HP-UX
1827136 Members
3035 Online
109716 Solutions
New Discussion

How to retrieve user password

 
SOLVED
Go to solution
Cat_4
Advisor

‎04-29-2003 07:28 PM

‎04-29-2003 07:28 PM

How to retrieve user password

Good morning everybody !

I have some enquiry about managing user password, please help.

1. Can i View user's password ?

2. Any different between the trusted system and untrusted system in managing the user password ?

3. Can I encrypt the password list in a trusted system ?

4. can you explain the command /usr/lbin/tsconvert -r refer to ??

thanks in advance !!
regards,
Cat
0 Kudos
Reply
15 REPLIES 15
Michael Tully
Honored Contributor

‎04-29-2003 07:35 PM

‎04-29-2003 07:35 PM

Solution

Re: How to retrieve user password

Hi Cat,

1) No you can't view a persons password, but it possible to use a tool to try to un-encrypt it.
2) yes there is, trusted has the capability of disabling the account with certain different commands, password lifetimes.
3) All passwords are encrypted, with or without a trusted.
4) the tsconvert -r command untrusts your system.

HTH
Michael
Anyone for a Mutiny ?
Reply
Balaji N
Honored Contributor

‎04-29-2003 07:39 PM

‎04-29-2003 07:39 PM

Re: How to retrieve user password

hi

answers to something i know.

1. no.passwords are not encrypted. they are one way hashes and can never be decrypted or decoded. if you want to find password, try a brute force attack on the password file.

4. this converts a trusted system to a untrusted system.
-balaji
Its Always Important To Know, What People Think Of You. Then, Of Course, You Surprise Them By Giving More.
Reply
Cat_4
Advisor

‎04-29-2003 07:52 PM

‎04-29-2003 07:52 PM

Re: How to retrieve user password

thanks michael and balaji !!

Hence, could you tell how to un-encrypt the user password ?

thanks !!

Cat
0 Kudos
Reply
Balaji N
Honored Contributor

‎04-29-2003 07:54 PM

‎04-29-2003 07:54 PM

Re: How to retrieve user password

take a copy of the password file and run it with a password cracker like John the ripper. if the passwords are simple passwords or based on dictonary word, you can crack them.

but it is not that easy,
-balaji
Its Always Important To Know, What People Think Of You. Then, Of Course, You Surprise Them By Giving More.
0 Kudos
Reply
V. V. Ravi Kumar_1
Respected Contributor

‎04-29-2003 08:25 PM

‎04-29-2003 08:25 PM

Re: How to retrieve user password

Hi,

1. No u can not view the password of any user.

2. In an untrusted system the password database is /etc/passwd. In a trusted system password field in /etc/passwd contains a * and protected password database is kept in /tcb/files/auth/*/* in an encrypted format. You can set passwd length, expiration time, passwd aging etc in a trusted system.

3. When u set a password it is encrypted in any system. but in a trusted system it is kept in /tcb/file/auth/*/*

4. tsconvert converts from untrusted to trusted and tsconvert -r from untrusted to trusted

Regards
Never Say No
Reply
Sunil Sharma_1
Honored Contributor

‎04-29-2003 08:28 PM

‎04-29-2003 08:28 PM

Re: How to retrieve user password

Hi
here is the answer of your questions.
1. no, you can not view user password.

2. in trusted system password is stored in /etc/shadow file and in non trusted it will be in /etc/password.

3. password is encrypted by default .. you can not encrypt it again.

4. tsconvert -r is used to make your system non-trusted.

Sunil
*** Dream as if you'll live forever. Live as if you'll die today ***
Reply
Balaji N
Honored Contributor

‎04-29-2003 08:38 PM

‎04-29-2003 08:38 PM

Re: How to retrieve user password

in trusted systems passwd is not stored in shadow. they are in /tcb/....

-balaji
Its Always Important To Know, What People Think Of You. Then, Of Course, You Surprise Them By Giving More.
0 Kudos
Reply
Cat_4
Advisor

‎04-29-2003 10:48 PM

‎04-29-2003 10:48 PM

Re: How to retrieve user password

Hi, Balaji,

Would you please tell me more about the /tcb file ?? I heard some expertise say that this file can view the password directly. Please confirm if it should be wrong.

regards,
Cat
0 Kudos
Reply
Balaji N
Honored Contributor

‎04-29-2003 10:57 PM

‎04-29-2003 10:57 PM

Re: How to retrieve user password

hi,

no password file can be view directly to show the passwords. and that to with trusted systems, you have more finer controls like password aging, locking, etc.. (have never myself worked on a trusted system)

and since passwords are one way hashes you can never decrypt them. only way is a brute force attack.

-balaji
Its Always Important To Know, What People Think Of You. Then, Of Course, You Surprise Them By Giving More.
Reply
Michael Tully
Honored Contributor

‎04-29-2003 11:02 PM

‎04-29-2003 11:02 PM

Re: How to retrieve user password

As already advised, all passwords are encrypted whether they are in /etc/passwd or under /tcb/files/auth/

You can attempt to crack them with a password cracker utility, but this is information that should not be passed on in this forum on how this is done.
Anyone for a Mutiny ?
Reply
Darren Prior
Honored Contributor

‎04-30-2003 02:54 AM

‎04-30-2003 02:54 AM

Re: How to retrieve user password

Hi Cat,

I think you've pretty much got the answers to your original questions, so here's some other useful stuff.

The following document has information on managing & configuring a trusted system: http://docs.hp.com/hpux/onlinedocs/B2355-90742/B2355-90742.html

The supported method of trusting and untrusting a system is to use SAM.

As others have pointed out the password is stored in an encrypted form, regardless of whether the system is trusted or not. On a trusted system each user has a separate file that contains their password, password aging data, etc - this increases the difficulty for anyone trying to find and crack passwords.

Perhaps you could explain why you need to see user passwords?

regards,

Darren
Calm down. It's only ones and zeros...
0 Kudos
Reply
Cat_4
Advisor

‎04-30-2003 03:02 AM

‎04-30-2003 03:02 AM

Re: How to retrieve user password

Hi, Darren,

Thanks for your info. Yes, those expertise has already provide the valuable answer to me.

The reason why I need to "View" the password is because I will migrate the customer profile to another Operation environment- Linux. Since the structure between HPUX and Linux is different and the new environment may not recognised the encryted customer profile. As I don't want to impact to my user thus, I just would like to do the migration on behalf of them.

cheers !

Cat
0 Kudos
Reply
harry d brown jr
Honored Contributor

‎04-30-2003 03:13 AM

‎04-30-2003 03:13 AM

Re: How to retrieve user password

Then it's time to use LDAP and NIS:

http://docs.hp.com/hpux/onlinedocs/J4269-90006/00/00/1-con.html

and

http://docs.hp.com/hpux/onlinedocs/J4269-90001/00/00/1-con.html

live free or die
harry
Live Free or Die
0 Kudos
Reply
John Meissner
Esteemed Contributor

‎04-30-2003 04:02 AM

‎04-30-2003 04:02 AM

Re: How to retrieve user password

a users password is stored in encrypted format. To view this you will need to basically hack the password file. There are utilities out there to do this for you. I believe I removed it from my PC so unfortunately I can't attach it. The one I was using ran at a DOS prompt and was called Johnny.
All paths lead to destiny
0 Kudos
Reply
Bill Douglass
Esteemed Contributor

‎04-30-2003 04:05 AM

‎04-30-2003 04:05 AM

Re: How to retrieve user password

I have moved accounts from HP-UX 11.0 systems to Red Hat 7.3 without any problem.

RH7.3 recognizes the password hash from an untrusted HP-UX box just fine. I haven't tried moving from a trusted HP-UX environment yet.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.