Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Decrypt UNIX password

by Anonymous Monk
on Nov 25, 2001 at 00:50 UTC ( #127303=perlquestion: print w/replies, xml ) Need Help??
Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

Is there a routine that will decrypt a UNIX style password?

Replies are listed 'Best First'.
Re: Decrypt UNIX password
by wog (Curate) on Nov 25, 2001 at 01:32 UTC
    This question is answered in the IAQ, under the question "How do I decrypt a string that I encrypted with crypt()?" (since crypt generates "UNIX style passwords", usually). To quote their answer:
    sub decrypt { my $c = shift; my @c = (0) x 8; for (;;) { my $i = 0; my $s = join '', map chr, @c; return $s if crypt($s, $c) eq $c; $c[$i]=0, $i++ while $c[$i] == 255; return undef if $i > 7; $c[$i]++; } }

    (For the humor impaired, the IAQ is not serious; quoth crypt's docs: "Note that "crypt" is intended to be a one-way function... There is no (known) corresponding decrypt function." This functions attempts to brute force the crypt'd string and thus is extremely slow.)

Re: Decrypt UNIX password
by BlueLines (Hermit) on Nov 25, 2001 at 03:43 UTC
    you can try Crypt::Cracklib, although you're going to spend alot of CPU cycles on this. Especially if you're using a "modern" unix that uses triple-des passwords (or even better, a MD5 hash of a 3DES encrypted string). You'd be better off trying the rubber-hose method...

    note: the rubber hose comment was a joke, of course...


    Disclaimer: This post may contain inaccurate information, be habit forming, cause atomic warfare between peaceful countries, speed up male pattern baldness, interfere with your cable reception, exile you from certain third world countries, ruin your marriage, and generally spoil your day. No batteries included, no strings attached, your mileage may vary.
Re: Decrypt UNIX password
by jarich (Curate) on Nov 25, 2001 at 09:20 UTC
    Trapdoor functions or one way functions are designed such that performing the operation in one direction (from plain string to encrypted string in this case) is easy but performing an opposite operation for the reverse direction is close to impossible with modern day machines.

    The most simple case is the following. Take two large prime numbers and multiply them together. This is easy. (presuming you can find two large prime numbers... but that isn't so hard). Now give the result to someone else and ask them to factorise it and give you back the two large primes you started with.

    In most instances it will take them an extremely long time to tell you, if they ever can.

    UNIX passwords are supposed to rely on trapdoor functions too. We can log in, however, because the password we supply on logging in is encrypted in the same way as the stored password and then the two encrypted passwords are compared.

    The chances of two different passwords resulting in the same encrypted result are very very low, so this is considered a reasonable password protection scheme.

    If you're trying to decrypt the password because you then want to compare it with another and only allow a user to log in if they're the same, try the above approach of encrypting the password you're given and seeing if the two match.

    If you're trying to recover a password you've forgotten ask your system administrator, or if it's your own box and it's the root password that you've forgotten, ask someone who is knowledgeable about the OS you're running for help.

    If you want to do this for illegal purposes you're on your own.

Re: Decrypt UNIX password
by atcroft (Abbot) on Nov 25, 2001 at 06:09 UTC

    You should realize that the unix password is not enciphered as such, but is instead a one-way hash. The standard unix password, for instance, is a string of 8 binary zeros which are encrypted using the password given as a key, and a version of the DES algorithm modified to make it slightly more difficult to attack (including the addition of a "salt" value). The other algorithms out, such as 3DES or MD5, when used for passwords are probably used similarly (although you would have to research them further to be sure).

    Likely, if you are wanting to decrypt rather than crack them, there are better approaches you could take; likewise, if you want to decrypt them as a way of testing their strength, there are also better approaches you could take.

    Goodluck in your quest for knowledge in that realm.

Re: Decrypt UNIX password
by PixelRat (Sexton) on Nov 25, 2001 at 04:03 UTC
    NOTE: This will reply will not help you with any Perl coding.

    First of all:
    what type of algorithm does your UNIX password use?

    You actually got a change of decrypting this in your lifetime ;)

    If you're even thinking of brute-forcing 3DES you probably should run and get yourself a couple of CRAY's or start building a bad-ass Beowulf.

    Mail me when the universe implodes.

    SERIOUS: In order to crack/decrypt you need to know the algorithm.


Re: Decrypt UNIX password
by Maclir (Curate) on Nov 25, 2001 at 00:50 UTC

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://127303]
Approved by root
and the grasshoppers chirp...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (6)
As of 2018-06-20 15:55 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (116 votes). Check out past polls.