Results 1 to 10 of 20
Hey I want to find out the passwd of a user by decrypting it. Is there a software available or some method of doing it???...
- 05-24-2009 #1Linux User
- Join Date
- Mar 2009
- Location
- Mumbai, India
- Posts
- 493
decrypting the /etc/passwd file
Hey I want to find out the passwd of a user by decrypting it. Is there a software available or some method of doing it???
Only if I could understand the man pages
Registered Linux user #492640
OS: RHEL4,5 ,RH 9,Ubuntu
- 05-24-2009 #2Trusted Penguin
- Join Date
- Jul 2004
- Location
- Either at home or at work or down the pub
- Posts
- 2,298
If the password has been forgotten you will have to reset it as far as I know
If we hit that bullseye, the rest of the dominoes will fall like a house of cards. Checkmate! (Zapp Brannigan)
My new blog. It's probably not as good as I think it is.
- 05-24-2009 #3Linux User
- Join Date
- Mar 2009
- Location
- Mumbai, India
- Posts
- 493
is it possible to decrypt the password in the /etc/shadow file if the cryptic line is obtained
Only if I could understand the man pages
Registered Linux user #492640
OS: RHEL4,5 ,RH 9,Ubuntu
- 05-24-2009 #4Linux Engineer
- Join Date
- Mar 2007
- Location
- The Netherlands
- Posts
- 1,047
No. Although a clever hacker might argue otherwise, because I believe it is not entirely impossible theoretically. Still, the answer to your question is 'no, tis not possible'.
When you have root, you can set and reset passwords though.Can't tell an OS by it's GUI
- 05-24-2009 #5Linux User
- Join Date
- Feb 2005
- Location
- London, England
- Posts
- 385
MD5 hashes are one way, that means they're not designed to be decrypted they're merely used for comparison. It is theoretically possible to crack MD5 with a tool that MD5 hashes a given word and compares it to the MD5 sum. This, however, is not really cracking but brute-forcing; with a decent password (no less than 8 characters, not dictionary based) your chances of brute-forcing it are slim to none.
A good password is the root of all security.
- 05-24-2009 #6Linux Guru
- Join Date
- Nov 2004
- Posts
- 6,110
As I understand it, the shadow file on modern systems can be "decrypted" using rainbow tables. This is where the hashes are prepared in advance by running as many words as possible through password encyrption and only later comparing the new encrypted strings with those in /etc/shadow.
- 05-24-2009 #7Trusted Penguin
- Join Date
- Jul 2004
- Location
- Either at home or at work or down the pub
- Posts
- 2,298
That doesn't sound like a good idea. Very insecure?
If we hit that bullseye, the rest of the dominoes will fall like a house of cards. Checkmate! (Zapp Brannigan)
My new blog. It's probably not as good as I think it is.
- 05-24-2009 #8Linux Guru
- Join Date
- Nov 2004
- Posts
- 6,110
I think MD5 and SHA1 have both been proved to have vulnerabilities. They're really only useful for checksums on distributed media, no use for actual encryption from what I'm told.
Rainbow tables themselves are now quite common. I think 0phtcrack uses them.
Rainbow table - Wikipedia, the free encyclopedia
- 05-24-2009 #9Linux User
- Join Date
- Mar 2009
- Location
- Mumbai, India
- Posts
- 493
is there any passwd cracking utility for linux like ophtcrack??
Only if I could understand the man pages
Registered Linux user #492640
OS: RHEL4,5 ,RH 9,Ubuntu
- 05-24-2009 #10Trusted Penguin
- Join Date
- Jul 2004
- Location
- Either at home or at work or down the pub
- Posts
- 2,298
Yikes! I really must keep up!
Originally Posted by bigtomrodney 
If we hit that bullseye, the rest of the dominoes will fall like a house of cards. Checkmate! (Zapp Brannigan)
My new blog. It's probably not as good as I think it is.
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts