The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can /etc/shadow passwords be decrypted?

Discussion in 'General Discussion' started by nitromax, Feb 18, 2002.

  1. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    Can /etc/shadow passwords be decrypted?

    If yes, does anyone have a script which does that, and would you be willing to share it?

    I have an older server on the Alabanza system, and their backend control panel shows the username and passwords of all the customers on the server so that if someone loses their password we can look them up.

    How is it that they are reading the password and displaying it?

    Any help would be appreciated.

    --
    Chad R.
     
  2. bdraco

    bdraco Guest

    http://www.openwall.com/john/
     
  3. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    Feature Request...

    Thanks for the quick reply!

    By the way, I really think the WHM and CPanel are top notch!!! Very impressive!

    Any chance of seeing a feature added that would allow us to enter the cusomters contact email into the account setup form?

    And then coupled with that, it would be nice if there was a way to create setup email templates (for us and for resellers). Then it would be nice to be able to select the setup email template that you want to send. When the account is created it would automatically send out the setup email to the customer, sending him/her the IP Address, Username, Password, Plan Ordered, etc...

    It might also be nice to have the option of either sending out the email right away, or being able to setup the account without sending out the setup email. Then, sometime later, after the account has been setup, being able to go back in and send the seutp email out by simply clicking a link in the WHM.

    If this should be posted in another location please let me know.

    Greak work Nick! My complements! I wish I had know about CPanel about 3 months ago. I have had 2 failed attempts with other control panel companies that turned out very badly. Finally things are going my way.

    --

    Chad R.
     
  4. bdraco

    bdraco Guest

    You might want to submit a feature request:


    http://support.cpanel.net/obb/read.php?TID=584
     
  5. nitromax

    nitromax Well-Known Member

    Joined:
    Feb 12, 2002
    Messages:
    189
    Likes Received:
    0
    Trophy Points:
    16
    Still not able to decrypt /etc/shadow passwords...

    Hello,

    I tried going to that link you gave above, I downloaded that John the Ripper program, and followed the instructions to the letter. I got it to work, but it apparently doesn't decrypt the passwords, it just tries to crack them?

    Am I just doing something wrong? I was hoping to be able to read the /etc/shadow password, decrypt it, and retrieve the password very quickly.

    Any other ideas?

    --
    Chad R.
     
  6. bdraco

    bdraco Guest

    [quote:f62466c161][i:f62466c161]Originally posted by nitromax[/i:f62466c161]

    Hello,

    I tried going to that link you gave above, I downloaded that John the Ripper program, and followed the instructions to the letter. I got it to work, but it apparently doesn't decrypt the passwords, it just tries to crack them?

    Am I just doing something wrong? I was hoping to be able to read the /etc/shadow password, decrypt it, and retrieve the password very quickly.

    Any other ideas?

    --
    Chad R.[/quote:f62466c161]

    Its DES encryption so you have to crack it ....

    ---
     
  7. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    I used to use john on a unshadowed password file I have. Took about 5 days on a P166. It uses brute force with a password file. If your passwd file is shadowed, you're out of luck.
     
  8. bdraco

    bdraco Guest

    [quote:eb198a28ff][i:eb198a28ff]Originally posted by teck[/i:eb198a28ff]

    I used to use john on a unshadowed password file I have. Took about 5 days on a P166. It uses brute force with a password file. If your passwd file is shadowed, you're out of luck.[/quote:eb198a28ff]


    Not really .. it cracked the entire /etc/shadow on a shared machine in under 24 hours .. however it was also a dual athlon 1.4ghz .
     
  9. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    I've used john to crack a root password in a shadow file once. It took me about a week and that was on my pentium 120 with 64 RAM.


    Of course the pasword was 14 chars long to if a recall correctly.

    The time it takes to brute force a password will depend on a number of things, cpu, pass length, etc.
     
  10. teck

    teck Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    Don't you need a good dic file?
     
  11. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    Nope, John does Brute Force baby.

    I never really understud those other stupid password crackers out their. They would go threw dictionary's looking for people who use words and names. Brute Force is the way to go.



    Just FYI, this is a type of brute force attack.

    aa
    ab
    ac
    ad
    ae
    af
    etc....
     
  12. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    [quote:a3f4b58f48][i:a3f4b58f48]Originally posted by nitromax[/i:a3f4b58f48]

    Hello,

    Can /etc/shadow passwords be decrypted?

    If yes, does anyone have a script which does that, and would you be willing to share it?

    I have an older server on the Alabanza system, and their backend control panel shows the username and passwords of all the customers on the server so that if someone loses their password we can look them up.

    How is it that they are reading the password and displaying it?

    Any help would be appreciated.

    --
    Chad R.[/quote:a3f4b58f48]

    They aren't .. the dumb bastards actually store all your client login and billing data in one of their &center& servers that Shrek could crack into. You will also notice that your server and your DSM woudl often become out-of-sync at times.

    If you need those mail POP passwords what I did was simply copy the crypted string into my cpanel server and POP worked fine. :) so did cpanels. Believe it or not. Next day people couldn't believe they had a new control panel.
     
  13. powerhouse

    powerhouse Well-Known Member

    Joined:
    Nov 5, 2001
    Messages:
    93
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Ok
    That did not work on our servers. I tried them all. none of them did it.

    so, since they are stored in DES, and have to be cracked, I guess the easiest way to get the password for the users that loose them would be to just reset the password and have them change it in the cp.

    Is their a module that will allow us to change a users password from a perl script??

    What about with the new Remote access?
    Can we modify the Accounting.pm file to allow us to do that, if the function is not their yet, Nick?
     
  14. bdraco

    bdraco Guest

    [quote:f1f8e144e9][i:f1f8e144e9]Originally posted by powerhouse[/i:f1f8e144e9]

    That did not work on our servers. I tried them all. none of them did it.

    so, since they are stored in DES, and have to be cracked, I guess the easiest way to get the password for the users that loose them would be to just reset the password and have them change it in the cp.

    Is their a module that will allow us to change a users password from a perl script??

    What about with the new Remote access?
    Can we modify the Accounting.pm file to allow us to do that, if the function is not their yet, Nick?

    [/quote:f1f8e144e9]

    Open a feature request .. I'm almost done a php version of that so if you get it in soon I'll be able to back port as well.
     
  15. Ediz

    Ediz Member

    Joined:
    Aug 20, 2001
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    [quote:6d47a021d7]

    Open a feature request .. I'm almost done a php version of that so if you get it in soon I'll be able to back port as well.[/quote:6d47a021d7]

    When php version will be available?
     
Loading...

Share This Page