On Wed, Nov 27, 2002 at 01:31:22AM +0800, Dean Michael Berris wrote: > > i've heard of a tool called 'jack the ripper' which is dedicated to > cracking a whole /etc/password and/or /etc/shadow file. this might be of > some importance to some crackers out there, and has been a relatively > very interesting tool for the said purpose of cracking... ;) >
I have -used- said tool. It is basically a dictionary attack and more. There are many more "cracker" tools that legit sysadmins employ to keep their own systems a bit more secure, but brute force cracking cannot completely regurgitate good passwords within short time constraints. Even if you have access to /etc/passwd and/or /etc/shadow, there's no assurance that you will be able to "crack" all password entries. Note: the unauthorized use of "cracker" tools on your school/work servers may constitute a criminal offense, so make sure you know what the policy is for your workplace/school. If you're doing it on your own machines... that's your business. If you're "cracking" someone else's password file... be aware that you may be liable for doing so. xen -- ___ eric pareja (xenos AT ice.onosendai.org) User #8159 http://counter.li.org \e/ [ Chiba City: A Cyberpunk MUSH - http://chibacity.erisian.net ] GNU/Linux v [ Philippine Linux Users' Group + http://plug.linux.org.ph ] Software & [ Free the books! http://www.bookcrossing.com/referral/pusakat ] Freedom "...the symbol is nothing. It is the reality behind every symbol that is all." _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
