[BBLISA] Password cracker program
Steve Revilak
srevilak at speakeasy.net
Wed Apr 19 20:49:19 EDT 2006
> Date: Wed, 19 Apr 2006 15:58:53 -0400
> From: Sharon Nagao <sharon.nagao at gmail.com>
> To: bblisa at bblisa.org
> Subject: [BBLISA] Password cracker program
>
> I'm looking for a password cracker program to run on my AIX servers. I
> would appreciate any suggestions.
>
> Thank you in advance!
I can't vouch for AIX, but I've had good luck using this on Solaris
with passwd/shadow files:
http://www.crypticide.com/users/alecm/security/c50-faq.html
At a former job, we used crack to run dictionary attacks on shadow
file hashes. Of course, since crack needs to read shadow files there
is a need for a `root step' -- at the very least to make a copy of the
shadow file that the crack user can read.
Running crack 3-4 hours a night, it would guess a password every
couple of weeks.
I don't have any experience using it outside of the passwd/shadow file
format.
Steve
More information about the bblisa
mailing list