Try checking http://packetstorm.securify.com
They have tons of stuff that you can use. I think the most popular one is
called John the ripper.
As far as the original problem, perhaps you could store the ciphertext
password in a database (or keep them in the text file), and use <cfexecute>
to run a program that will encipher the user entered data, and compare it
with the enciphered password? This is basically what a Unix system does
when you enter the password anyway.
Chris Martin
FSenablers, Inc
-----Original Message-----
From: Peter Janett [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 12, 2001 8:25 PM
To: CF-Talk
Subject: Re: Converting/creating .htaccess (UNIX crypt) passwords help
nee ded.
Are passwords crypted with the "crypt" function on UNIX "breakable"?
I have another situation where I originally setup POP passwords using crypt,
and would like to go to plain text, as my clients always forget their
passwords, and I have to just reset it to a new one.
So, if you know of any way to "uncrypt" please let me know. (If you'd feel
better emailing me privately, feel free.)
Thanks,
Peter Janett
New Media One Web Services
================================
WEB HOSTING FOR WEB DEVELOPERS
================================
Sun, IRIX, Windows 2000, Linux;
PHP, MySQL, Perl, Cold Fusion,
MS SQL, ASP, SSI, SSL
http://www.newmediaone.net
[EMAIL PROTECTED]
(303)828-9882
----- Original Message -----
From: "Terry Bader" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Thursday, April 12, 2001 3:58 PM
Subject: RE: Converting/creating .htaccess (UNIX crypt) passwords help nee
ded.
> don't quote me on this but i do not think it is possible... even using
perl
> on both systems to create the encryption... both platforms perform the
> encrypt functionality differently...
>
> well, in my experience, once tried to do the same thing... but i too may
> have missed something.....
>
> my only recommendation to too run a password breaker on the unix encrypted
> passwords, save it to a file like ID::CLEARTEXTPASSWORD
> then take it to your windows platform and use cfml to parse the file and
> re-encrypt...
> but this isnt gaurrenteed due to that not all passwords are figured out by
> the breaker...
>
> good-luck and if there is an easy solution, let me know PLZ...
>
>
>
> Terry Bader
> IT/Web Specialist
> EDO Corp - Combat Systems
> (757) 424-1004 ext 361 - Work
> [EMAIL PROTECTED]
>
>
> (757)581-5981 - Mobile
> [EMAIL PROTECTED]
> icq: 5202487 aim: lv2bounce
> http://www.cs.odu.edu/~bader
>
>
>
>
>
>
> > -----Original Message-----
> > From: Peter Janett [mailto:[EMAIL PROTECTED]]
> > Sent: Thursday, April 12, 2001 4:05 PM
> > To: CF-Talk
> > Subject: Converting/creating .htaccess (UNIX crypt) passwords help
> > needed.
> >
> >
> > Converting/creating .htaccess (UNIX crypt) password help needed.
> >
> > I'm moving a site over from UNIX to Win2k with CF. I need to
> > duplicate a
> > password protected directory that used .htaccess passwords on
> > the old UNIX
> > system.
> >
> > The issue is, there is a large number of username/password
> > combinations. I
> > don't have the passwords anywhere, so I need to duplicate the
> > process of
> > crypt, so I can crypt the new password, and test it against
> > the one crypted
> > on the old UNIX account.
> >
> > Any help appreciated,
> >
> > Peter Janett
> >
> > New Media One Web Services
> > ================================
> > WEB HOSTING FOR WEB DEVELOPERS
> > ================================
> > Sun, IRIX, Windows 2000, Linux;
> > PHP, MySQL, Perl, Cold Fusion,
> > MS SQL, ASP, SSI, SSL
> > http://www.newmediaone.net
> > [EMAIL PROTECTED]
> > (303)828-9882
> >
> >
> >
> >
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
