Password file

• To avoid the most obvious problem, the passwords were scrambled

• Password used as a key to DES-encrypt "\0\0\0\0\0\0\0\0"

• Result stored in password file

• You see the result of the encryption, but not the key that was used to get there

• Problem: DES keys are only 56 bits

• So you can easily mount a brute-force attack and get the root password

• Even worse, you could prepare a cracking dictionary offline

• If you acquire a password file later, look up the passwords in your dictionary

• Get all the passwords instantly

Next

Copyright © 2005 M. J. Dominus