How to recover password.

Protecting your Linux box

How to recover password.

Postby mohsan1987 » Mon Jan 02, 2006 3:36 pm

is any one tell me how to grab password from etc\passwd and etc\shaddow

waiting for ur reply..
^_^ MOHSAN ^_^
@@@@@@@@@@@@@@@@@@@@@@@
Linux Registered User # 409284
register your self if you are using Linux
www.counter.li.org
@@@@@@@@@@@@@@@@@@@@@@@
mohsan1987
Company Havaldaar Major
 
Posts: 163
Joined: Sun Oct 23, 2005 7:21 am
Website: http://mh87.mycv.pk
WLM: mohsan_87@msn.com
Yahoo Messenger: mh_iiu@yahoo.com
Location: Lalamusa

Postby Kdaemon » Mon Jan 02, 2006 3:47 pm

password stored in these files is encrypted (md5 hash),
what do you really mean by to recover ?
reg linux user #298274
Kdaemon
Naib Subedar
 
Posts: 346
Joined: Sat Nov 30, 2002 12:22 pm
Location: Islamabad. GPS: LHR

Postby mohsan1987 » Mon Jan 02, 2006 3:49 pm

the one way is to login as root and edit both files to remove password. how can i guess exact passwrd in text. not in MD5 format
^_^ MOHSAN ^_^

@@@@@@@@@@@@@@@@@@@@@@@

Linux Registered User # 409284

register your self if you are using Linux

www.counter.li.org

@@@@@@@@@@@@@@@@@@@@@@@
mohsan1987
Company Havaldaar Major
 
Posts: 163
Joined: Sun Oct 23, 2005 7:21 am
Website: http://mh87.mycv.pk
WLM: mohsan_87@msn.com
Yahoo Messenger: mh_iiu@yahoo.com
Location: Lalamusa

Postby kbukhari » Mon Jan 02, 2006 6:58 pm

its inlegall
--
Syed Kashif Ali Bukhari
+92-345-8444420
http://sysadminsline.com
http://kashifbukhari.com
kbukhari
Major General
 
Posts: 1222
Joined: Sat Dec 31, 2005 12:29 am
Website: http://kashifbukhari.com
Location: Lahore

Postby Kdaemon » Mon Jan 02, 2006 7:22 pm

mohsan1987 wrote:the one way is to login as root and edit both files to remove password. how can i guess exact passwrd in text. not in MD5 format

study cryptography :idea:

but why do you need such information ?
Is it for good purpose or the wrong one? :idea:
reg linux user #298274
Kdaemon
Naib Subedar
 
Posts: 346
Joined: Sat Nov 30, 2002 12:22 pm
Location: Islamabad. GPS: LHR

Postby mohsan1987 » Tue Jan 03, 2006 1:12 pm

i need it for good purpose, for information...
^_^ MOHSAN ^_^

@@@@@@@@@@@@@@@@@@@@@@@

Linux Registered User # 409284

register your self if you are using Linux

www.counter.li.org

@@@@@@@@@@@@@@@@@@@@@@@
mohsan1987
Company Havaldaar Major
 
Posts: 163
Joined: Sun Oct 23, 2005 7:21 am
Website: http://mh87.mycv.pk
WLM: mohsan_87@msn.com
Yahoo Messenger: mh_iiu@yahoo.com
Location: Lalamusa

How to recover password

Postby AsadRasheed » Thu Jan 05, 2006 4:04 pm

Salam
Dear mohsan1987,

Use John the Ripper to crack encrypted password , or you can say translate encrypted password into readable format .


Regards,
M Asad Rasheed
registered linux user #394856
http://www.bsdpakistan.org
AsadRasheed
Battalion Quarter Master Havaldaar
 
Posts: 228
Joined: Fri Jan 28, 2005 6:23 pm
Location: Karachi

Re: How to recover password

Postby LinuxFreaK » Thu Jan 05, 2006 9:38 pm

Dear AsadRasheed,
Salam,

AsadRasheed wrote:Use John the Ripper to crack encrypted password , or you can say translate encrypted password into readable format .


Might be you take me wrong but don't you think its againts our rule no 3.

* We have zero tolerance for piracy and warez in this group. Any attempts of asking or offering warez will result in the post being silently dropped.

because if what he want to do is illegal :)

Best Regards.
Farrukh Ahmed
LinuxFreaK
Site Admin
 
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
ICQ: 82075802
Website: http://www.linuxpakistan.net/wiki/index.php?pagename=LinuxFreak
WLM: f4fahmed@hotmail.com
Yahoo Messenger: f4fahmed@yahoo.com
AOL: linuxpakistan@aol.com
Location: Karachi

Postby server » Fri Jan 06, 2006 7:30 pm

Use John the Ripper to crack encrypted password , or you can say translate encrypted password into readable format .

this software for cracking password and its banned. John the ripper is basicly for testing our passwords week, good or strong. dnt use this one for bad things
Thanks
Good Bye
Image
  • Welcome In Red Hat Enterprise 4

Image
server
Naik
 
Posts: 83
Joined: Tue Jan 03, 2006 7:41 pm
Website: http://www.DecentNetwork.com
WLM: zeeshan@decentnetwork.com
Yahoo Messenger: shani_rago@yahoo.com
Location: Lahore

Postby LinuxNerd » Sun Nov 19, 2006 7:44 pm

Well if the password in shadow is hashed MD5 or SHA1 (which it is not so) then you cannot recover it as hashing is a one way function that is it is not reversable, that is why sometimes if you forget your passwords at YAHOO! or Hotmail they reset your passwords. Anyways the password in shadow file is encrypted using DES algorithm. You can view that also from

man crypt

You can easily create a C program to create your own implementation of extracting password from shadow file.
LinuxNerd
Lance Naik
 
Posts: 39
Joined: Wed Sep 15, 2004 1:45 am

Postby lambda » Sun Nov 19, 2006 9:04 pm

LinuxNerd wrote:You can easily create a C program to create your own implementation of extracting password from shadow file.
unless you know of a bug in des that no one else knows about, there is no way to go from the encrypted password in /etc/passwd or /etc/shadow to the original text. are you aware that des is used as a one-way hash for the passwords? read the source code to the crypt code.
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby LinuxNerd » Fri Nov 24, 2006 2:30 am

err BUG give me break... DES is an encryption algorithm. There is a world apart difference between encryption and hashing. Encrypted text can be decrypted, but hashing is a one way function. You need to study cryptography to get that, linux wont explain that. By the way RSA and DSA (these are much better than DES, 3DES, Rijndael, RC5, AES, ...) can be decrypted as well. I leave that part for the learned here :P to think and figure out how. Googling can solve lots of your woes, it would tell you how can you encrypt and decrypt these implementations. To calculate hashes (MD5 or SHA1 namely) is what we call in modern day world brute force or dictionary based password cracking, which some tools do used as mentioned in one of the recent posts. So it isnt impossible, it is just that we are unaware.

Might like to read
http://tldp.org/HOWTO/Shadow-Password-HOWTO-2.html
LinuxNerd
Lance Naik
 
Posts: 39
Joined: Wed Sep 15, 2004 1:45 am


Return to “%s” Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron