Brian: Based on your initial query, I ended up writing a shell script that makes use of John the Ripper to test password files against a user-defined default password. I wrote it for myself, but I figured I'd share it since others may also be interested.
The main problem I ran into was that john would save a list of the passwords it had cracked, so if I had already run it with my lab's default password it would not re-check the ones it had already "solved." I wanted it to always give me a list of people with the default password, not skip what's already in the database. To get around this, the script deletes the list--if it exists--before the run. (It also deletes the list afterward, for security.) You can edit the PWFILES variable in the script if you want it to check password hashes in other files; it's currently set to check /etc/shadow and /etc/samba/smbpasswd. The script uses its first argument as the password to check against; if there are no arguments, it asks the user for input. Hope this helps someone! -- Brad Beyenhof http://augmentedfourth.com Silence will save me from being wrong (and foolish), but it will also deprive me of the possibility of being right. ~ Igor Stravinsky =====checkpass script===== #!/bin/sh #list of files with password hashes to check PWFILES="/etc/shadow /etc/samba/smbpasswd" #makes sure crack database is deleted so you can re-check whether users #have changed their passwords rm -rf ~/.john #if no arguments, ask for password to try if [ $# = 0 ]; then read -p "Enter password to check against: " PASS #otherwise, use the first argument else PASS=$1 fi #run john on each element of PWFILES using supplied password for FILE in ${PWFILES}; do echo echo "Checking in ${FILE}..." echo "${PASS}" | john --stdin ${FILE} echo done #delete crack database so you don't leave the list of cracks lying around rm -rf ~/.john =====/checkpass script===== -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
