Can /etc/shadow passwords be decrypted?

[nitromax]

Hello,

Can /etc/shadow passwords be decrypted?

If yes, does anyone have a script which does that, and would you be willing to share it?

I have an older server on the Alabanza system, and their backend control panel shows the username and passwords of all the customers on the server so that if someone loses their password we can look them up.

How is it that they are reading the password and displaying it?

Any help would be appreciated.

--
Chad R.

 

[bdraco]

http://www.openwall.com/john/

 

[nitromax]

Feature Request...

Thanks for the quick reply!

By the way, I really think the WHM and CPanel are top notch!!! Very impressive!

Any chance of seeing a feature added that would allow us to enter the cusomters contact email into the account setup form?

And then coupled with that, it would be nice if there was a way to create setup email templates (for us and for resellers). Then it would be nice to be able to select the setup email template that you want to send. When the account is created it would automatically send out the setup email to the customer, sending him/her the IP Address, Username, Password, Plan Ordered, etc...

It might also be nice to have the option of either sending out the email right away, or being able to setup the account without sending out the setup email. Then, sometime later, after the account has been setup, being able to go back in and send the seutp email out by simply clicking a link in the WHM.

If this should be posted in another location please let me know.

Greak work Nick! My complements! I wish I had know about CPanel about 3 months ago. I have had 2 failed attempts with other control panel companies that turned out very badly. Finally things are going my way.

--

Chad R.

 

[bdraco]

You might want to submit a feature request:


http://support.cpanel.net/obb/read.php?TID=584

 

[nitromax]

Still not able to decrypt /etc/shadow passwords...

Hello,

I tried going to that link you gave above, I downloaded that John the Ripper program, and followed the instructions to the letter. I got it to work, but it apparently doesn't decrypt the passwords, it just tries to crack them?

Am I just doing something wrong? I was hoping to be able to read the /etc/shadow password, decrypt it, and retrieve the password very quickly.

Any other ideas?

--
Chad R.

 

[bdraco]

[quote:f62466c161][i:f62466c161]Originally posted by nitromax[/i:f62466c161]

Hello,

I tried going to that link you gave above, I downloaded that John the Ripper program, and followed the instructions to the letter. I got it to work, but it apparently doesn't decrypt the passwords, it just tries to crack them?

Am I just doing something wrong? I was hoping to be able to read the /etc/shadow password, decrypt it, and retrieve the password very quickly.

Any other ideas?

--
Chad R.[/quote:f62466c161]

Its DES encryption so you have to crack it ....

---

 

[teck]

I used to use john on a unshadowed password file I have. Took about 5 days on a P166. It uses brute force with a password file. If your passwd file is shadowed, you're out of luck.

 

[bdraco]

[quote:eb198a28ff][i:eb198a28ff]Originally posted by teck[/i:eb198a28ff]

I used to use john on a unshadowed password file I have. Took about 5 days on a P166. It uses brute force with a password file. If your passwd file is shadowed, you're out of luck.[/quote:eb198a28ff]


Not really .. it cracked the entire /etc/shadow on a shared machine in under 24 hours .. however it was also a dual athlon 1.4ghz .

 

[shaun]

I've used john to crack a root password in a shadow file once. It took me about a week and that was on my pentium 120 with 64 RAM.


Of course the pasword was 14 chars long to if a recall correctly.

The time it takes to brute force a password will depend on a number of things, cpu, pass length, etc.

 

[teck]

Don't you need a good dic file?

 

[shaun]

Nope, John does Brute Force baby.

I never really understud those other stupid password crackers out their. They would go threw dictionary's looking for people who use words and names. Brute Force is the way to go.



Just FYI, this is a type of brute force attack.

aa
ab
ac
ad
ae
af
etc....

 

[rpmws]

[quote:a3f4b58f48][i:a3f4b58f48]Originally posted by nitromax[/i:a3f4b58f48]

Hello,

Can /etc/shadow passwords be decrypted?

If yes, does anyone have a script which does that, and would you be willing to share it?

I have an older server on the Alabanza system, and their backend control panel shows the username and passwords of all the customers on the server so that if someone loses their password we can look them up.

How is it that they are reading the password and displaying it?

Any help would be appreciated.

--
Chad R.[/quote:a3f4b58f48]

They aren't .. the dumb bastards actually store all your client login and billing data in one of their &center& servers that Shrek could crack into. You will also notice that your server and your DSM woudl often become out-of-sync at times.

If you need those mail POP passwords what I did was simply copy the crypted string into my cpanel server and POP worked fine. so did cpanels. Believe it or not. Next day people couldn't believe they had a new control panel.

 

[powerhouse]

That did not work on our servers. I tried them all. none of them did it.

so, since they are stored in DES, and have to be cracked, I guess the easiest way to get the password for the users that loose them would be to just reset the password and have them change it in the cp.

Is their a module that will allow us to change a users password from a perl script??

What about with the new Remote access?
Can we modify the Accounting.pm file to allow us to do that, if the function is not their yet, Nick?

 

[bdraco]

[quote:f1f8e144e9][i:f1f8e144e9]Originally posted by powerhouse[/i:f1f8e144e9]

That did not work on our servers. I tried them all. none of them did it.

so, since they are stored in DES, and have to be cracked, I guess the easiest way to get the password for the users that loose them would be to just reset the password and have them change it in the cp.

Is their a module that will allow us to change a users password from a perl script??

What about with the new Remote access?
Can we modify the Accounting.pm file to allow us to do that, if the function is not their yet, Nick?

[/quote:f1f8e144e9]

Open a feature request .. I'm almost done a php version of that so if you get it in soon I'll be able to back port as well.

 

[Ediz]

[quote:6d47a021d7]

Open a feature request .. I'm almost done a php version of that so if you get it in soon I'll be able to back port as well.[/quote:6d47a021d7]

When php version will be available?