mohamed shanaf wrote:
>
>
> *//*
>
> Hello,
> Biggest bug in linux/unix discovered!!!!! U can retrieve Password of
> the user..... Do u know - You can get to reveal your password!! This
> is due a well known bug in the crypto algorithm of UNIX, used to
> generate /etc/passwd hash. Recent fixes have recommended usage of
> stronger algorithms like MD5, etc., But due to the large deployment
> of Unix machines, world-wide, its a very difficult task, requiring
> huge Logistics support. Check if your machine has the vulnerability.
> It could be fixed/still open... just type the following command in
> UNIX or LINUX or Solaris, and you won't believe that it will give
> you password of the user who has logged in !!! Echo '82 43/25
> 43+65P80P82P73P76P32P70P79P79P76P10P' | dc
Damn! got it on the 1st go.. and that password has been secure for *years*
against John the ripper
and known dictionary attacks :(
B
--
"Human beings, who are almost unique in having the ability
to learn from the experience of others, are also remarkable
for their apparent disinclination to do so." -- Douglas Adams
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/dubailug/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
