sub decrypt {
          my $c = shift;
          my @c = (0) x 8;
          for (;;) {
            my $i = 0;
            my $s = join '', map chr, @c;
            return $s if crypt($s, $c) eq $c;
            $c[$i]=0, $i++ while $c[$i] == 255;
            return undef if $i > 7;
            $c[$i]++;
          }
        }
[download]

(For the humor impaired, the IAQ is not serious; quoth crypt's docs: "Note that "crypt" is intended to be a one-way function... There is no (known) corresponding decrypt function." This functions attempts to brute force the crypt'd string and thus is extremely slow.)

The most simple case is the following. Take two large prime numbers and multiply them together. This is easy. (presuming you can find two large prime numbers... but that isn't so hard). Now give the result to someone else and ask them to factorise it and give you back the two large primes you started with.

In most instances it will take them an extremely long time to tell you, if they ever can.

UNIX passwords are supposed to rely on trapdoor functions too. We can log in, however, because the password we supply on logging in is encrypted in the same way as the stored password and then the two encrypted passwords are compared.

The chances of two different passwords resulting in the same encrypted result are very very low, so this is considered a reasonable password protection scheme.

If you're trying to decrypt the password because you then want to compare it with another and only allow a user to log in if they're the same, try the above approach of encrypting the password you're given and seeing if the two match.

If you're trying to recover a password you've forgotten ask your system administrator, or if it's your own box and it's the root password that you've forgotten, ask someone who is knowledgeable about the OS you're running for help.

If you want to do this for illegal purposes you're on your own.

You should realize that the unix password is not enciphered as such, but is instead a one-way hash. The standard unix password, for instance, is a string of 8 binary zeros which are encrypted using the password given as a key, and a version of the DES algorithm modified to make it slightly more difficult to attack (including the addition of a "salt" value). The other algorithms out, such as 3DES or MD5, when used for passwords are probably used similarly (although you would have to research them further to be sure).

Likely, if you are wanting to decrypt rather than crack them, there are better approaches you could take; likewise, if you want to decrypt them as a way of testing their strength, there are also better approaches you could take.

Goodluck in your quest for knowledge in that realm.

First of all:
what type of algorithm does your UNIX password use?

DES?
You actually got a change of decrypting this in your lifetime ;)

3DES?
If you're even thinking of brute-forcing 3DES you probably should run and get yourself a couple of CRAY's or start building a bad-ass Beowulf.

AES?
Mail me when the universe implodes.

SERIOUS: In order to crack/decrypt you need to know the algorithm.

//PixelRat