On 2015-10-17, Ted Unangst <[email protected]> wrote: > Adam Wysocki wrote: >> As OpenBSD crypt() function differs from the one in Linux libc and returns >> NULL for setting "Mb", before I start porting it from libc, maybe you have >> an easier solution? Maybe there is a library I can use (different than >> whole bloated Linux libc)? > > run john the ripper to crack all their passwords, then create bcrypt hashes > for them? i'm only half kidding. des crypt should have been retired ages ago.
They can't be more than 8 chars so even if you have to brute-force them it shouldn't take that long. Only problem is that you can't be sure you got the original password, it might be something else that produces the same crypted value. Still, it's fairly likely that they will be obvious (at least they have been when I've used this method).
