Hi, >>"Michael" == Michael Beattie <[EMAIL PROTECTED]> writes:
Michael> After thinking about the crypt function, salts, etc... would Michael> it not be possible to do this: Michael> 1) obtain the source for the crypt function. Michael> 2) obtain by whatever method, the hashed/encrypted/whatever Michael> password from /etc/shadow. That means you are root on the machine. Michael> 3) reverse the technique in the crypt function, then apply Michael> that to the string obtained from /etc/shadow using salt #1 Yup. You shall then have accomplished something that noone else has, so far. You probably shall then command large salaries as several corporations and government agencies vie for you talents ;-) Michael> 4) repeat step 3 for each of the 4096 (??) salts. Why? You already know what the salt is, if you have read /etc/shadow. And if you can reverse crypt; you have the password. Michael> would that leave you with 4096 possible passwords to try at Michael> login? maybe use a telnet script of some kind somehow? Does your telent allow you to keep trying passwords ad infinitum? Does it not close connections after a fixed number of attempts? manoj -- Practice is the best of all instructors. Publilius Manoj Srivastava <[EMAIL PROTECTED]> <http://www.datasync.com/%7Esrivasta/> Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E