Can /etc/shadow passwords be decrypted?

nitromax

Well-Known Member
Feb 12, 2002
189
0
316
Hello,

Can /etc/shadow passwords be decrypted?

If yes, does anyone have a script which does that, and would you be willing to share it?

I have an older server on the Alabanza system, and their backend control panel shows the username and passwords of all the customers on the server so that if someone loses their password we can look them up.

How is it that they are reading the password and displaying it?

Any help would be appreciated.

--
Chad R.
 

nitromax

Well-Known Member
Feb 12, 2002
189
0
316
Feature Request...

Thanks for the quick reply!

By the way, I really think the WHM and CPanel are top notch!!! Very impressive!

Any chance of seeing a feature added that would allow us to enter the cusomters contact email into the account setup form?

And then coupled with that, it would be nice if there was a way to create setup email templates (for us and for resellers). Then it would be nice to be able to select the setup email template that you want to send. When the account is created it would automatically send out the setup email to the customer, sending him/her the IP Address, Username, Password, Plan Ordered, etc...

It might also be nice to have the option of either sending out the email right away, or being able to setup the account without sending out the setup email. Then, sometime later, after the account has been setup, being able to go back in and send the seutp email out by simply clicking a link in the WHM.

If this should be posted in another location please let me know.

Greak work Nick! My complements! I wish I had know about CPanel about 3 months ago. I have had 2 failed attempts with other control panel companies that turned out very badly. Finally things are going my way.

--

Chad R.
 
B

bdraco

Guest
You might want to submit a feature request:


http://support.cpanel.net/obb/read.php?TID=584
 

nitromax

Well-Known Member
Feb 12, 2002
189
0
316
Still not able to decrypt /etc/shadow passwords...

Hello,

I tried going to that link you gave above, I downloaded that John the Ripper program, and followed the instructions to the letter. I got it to work, but it apparently doesn't decrypt the passwords, it just tries to crack them?

Am I just doing something wrong? I was hoping to be able to read the /etc/shadow password, decrypt it, and retrieve the password very quickly.

Any other ideas?

--
Chad R.
 
B

bdraco

Guest
[quote:f62466c161][i:f62466c161]Originally posted by nitromax[/i:f62466c161]

Hello,

I tried going to that link you gave above, I downloaded that John the Ripper program, and followed the instructions to the letter. I got it to work, but it apparently doesn't decrypt the passwords, it just tries to crack them?

Am I just doing something wrong? I was hoping to be able to read the /etc/shadow password, decrypt it, and retrieve the password very quickly.

Any other ideas?

--
Chad R.[/quote:f62466c161]

Its DES encryption so you have to crack it ....

---
 

teck

Well-Known Member
Aug 10, 2001
164
0
316
I used to use john on a unshadowed password file I have. Took about 5 days on a P166. It uses brute force with a password file. If your passwd file is shadowed, you're out of luck.
 
B

bdraco

Guest
[quote:eb198a28ff][i:eb198a28ff]Originally posted by teck[/i:eb198a28ff]

I used to use john on a unshadowed password file I have. Took about 5 days on a P166. It uses brute force with a password file. If your passwd file is shadowed, you're out of luck.[/quote:eb198a28ff]


Not really .. it cracked the entire /etc/shadow on a shared machine in under 24 hours .. however it was also a dual athlon 1.4ghz .
 

shaun

Well-Known Member
PartnerNOC
Verifed Vendor
Nov 9, 2001
708
1
318
San Clemente, Ca
cPanel Access Level
DataCenter Provider
Twitter
I've used john to crack a root password in a shadow file once. It took me about a week and that was on my pentium 120 with 64 RAM.


Of course the pasword was 14 chars long to if a recall correctly.

The time it takes to brute force a password will depend on a number of things, cpu, pass length, etc.
 

shaun

Well-Known Member
PartnerNOC
Verifed Vendor
Nov 9, 2001
708
1
318
San Clemente, Ca
cPanel Access Level
DataCenter Provider
Twitter
Nope, John does Brute Force baby.

I never really understud those other stupid password crackers out their. They would go threw dictionary's looking for people who use words and names. Brute Force is the way to go.



Just FYI, this is a type of brute force attack.

aa
ab
ac
ad
ae
af
etc....
 

rpmws

Well-Known Member
Aug 14, 2001
1,822
8
318
back woods of NC, USA
[quote:a3f4b58f48][i:a3f4b58f48]Originally posted by nitromax[/i:a3f4b58f48]

Hello,

Can /etc/shadow passwords be decrypted?

If yes, does anyone have a script which does that, and would you be willing to share it?

I have an older server on the Alabanza system, and their backend control panel shows the username and passwords of all the customers on the server so that if someone loses their password we can look them up.

How is it that they are reading the password and displaying it?

Any help would be appreciated.

--
Chad R.[/quote:a3f4b58f48]

They aren't .. the dumb bastards actually store all your client login and billing data in one of their &center& servers that Shrek could crack into. You will also notice that your server and your DSM woudl often become out-of-sync at times.

If you need those mail POP passwords what I did was simply copy the crypted string into my cpanel server and POP worked fine. :) so did cpanels. Believe it or not. Next day people couldn't believe they had a new control panel.
 

powerhouse

Well-Known Member
Nov 5, 2001
93
0
306
Ok
That did not work on our servers. I tried them all. none of them did it.

so, since they are stored in DES, and have to be cracked, I guess the easiest way to get the password for the users that loose them would be to just reset the password and have them change it in the cp.

Is their a module that will allow us to change a users password from a perl script??

What about with the new Remote access?
Can we modify the Accounting.pm file to allow us to do that, if the function is not their yet, Nick?
 
B

bdraco

Guest
[quote:f1f8e144e9][i:f1f8e144e9]Originally posted by powerhouse[/i:f1f8e144e9]

That did not work on our servers. I tried them all. none of them did it.

so, since they are stored in DES, and have to be cracked, I guess the easiest way to get the password for the users that loose them would be to just reset the password and have them change it in the cp.

Is their a module that will allow us to change a users password from a perl script??

What about with the new Remote access?
Can we modify the Accounting.pm file to allow us to do that, if the function is not their yet, Nick?

[/quote:f1f8e144e9]

Open a feature request .. I'm almost done a php version of that so if you get it in soon I'll be able to back port as well.
 

Ediz

Member
Aug 20, 2001
5
0
301
[quote:6d47a021d7]

Open a feature request .. I'm almost done a php version of that so if you get it in soon I'll be able to back port as well.[/quote:6d47a021d7]

When php version will be available?