==Phrack Inc.==
Volume Two, Issue 22, File 6 of 12
()()()()()()()()()()()()()()()()()()()()()()()()()()()
()() ()()
() Yet Another File On Hacking Unix! ()
() ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ()
() By ()
() ()
() >Unknown User< ()
() A special "ghost" writer of Phrack Inc. ()
()() ()()
()()()()()()()()()()()()()()()()()()()()()()()()()()()
Greetings from The Unix Front...
I am unable to use my real alias since it has now become too well known and
others are able to associate it with my real name. Let us just say that I have
been around for a long time, and can you say "Code Buster"? Obsolete now,
nonetheless taught many how to write better ones.
The following C code will enable you to ferret out poorly constructed passwords
from /etc/passwd. What I mean by poor passwords is obvious, these consist of
passwords based on the user's name, and even words found in the dictionary.
The most secure password is one that has been constructed from nonsense words,
odd combinations of one word, with control characters and numbers thrown in.
My program is not able to deal with a decent password, nor did I intend it to.
To write something capable of dealing with a secure password would have been
incredibly complex, and take weeks to run on even the fastest of cpu's.
Locate a dictionary file from your nearest Unix system. This is commonly
located in /usr/dict/words. These files will vary from 200K to 5 Megabytes.
The more words your dictionary file has in it, the more effective this program
will be. The program can do a quick scan based on just the identifying name
fields in /etc/passwd or perform a complete scan using the dictionary file. It
basically compares one /etc/passwd entry to each word in your dictionary file,
until it finds the password, or reaches eof,and begins the scan on the next
password.
It will take days to process a large /etc/passwd file. When you re-direct the
output to a log file, make sure you run some sort of cron daemon that will
extract any decoded passwords, and then nulls the log file. I can suggest
/bin/nohup for this task since you can log off and the task continues to run.
Otherwise, the log file can grow to be megabytes depending on the actual size
of the /etc/passwd file and your dictionary..This program,while written with
one purpose in mind (obtaining passwords),is also a positive contribution to
Unix System Administrators.
I run this on several systems nightly, to protect myself! Scanning for user
passwords that are easy to hack, and for other insecure conditions ensures that
my own systems will not be breached. Unix is still not a secure system, and
restoring gigabyte file systems is no fun.
I have made the software as portable as possible. It is known to compile on
all BSD variants, and System V. I don't suggest that you leave the source
laying around on just any system, most System Administrators are known to be
particularly nosy . If you do, for God's sake crypt the damned file.
These are hard times we have fallen into. The thrill of the telephone network
is no more. Mere experimentation is riskier than ever. There is little left,
but intellectual challenges in mastering system software and writing
interesting software for most of us. As we all get older, the risks have grown
less attractive versus the few gains. Someday when I am able to transfer five
or six million into my account in Zurich, I may chance it. Until then, may I
take the time to wish you all good luck in your endeavors, and be careful!
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/* Beginning of Program */
CODE OMITTED
/* end of program */
_______________________________________________________________________________
=========================================================================