[ale] Re: MD5
Robert L. Harris
Robert.L.Harris at rdlg.net
Thu Feb 27 15:34:03 EST 2003
Just got your last reply, ignore my brain, I'm sending it out for
service.
Thus spake cfowler (cfowler at outpostsentinel.com):
> The only thing I can tell you is to 'man crypt'
>
> the passwords are one way encrypted. The can be encrypted but not
> decrypted. SO in UNIX what happens is that when a user logs in, the
> plain text password is encrypted via crypt(). The original encrypted
> password is supplied as the salt. crypt() is smart enough to extract
> the salt from the encrypted string. If the newly encrypted string
> matches what is in the /etc/passwd file, then the user has passed that
> test.
>
> In order to read /etc/passwd and friends, the pass program must be ran
> as root. Take the C code I gave you and modify it to exit(code) with
> special numbers. Then look at $? in the script after execution and
> you'll know if it was successful are not and can continue with the code
> for the correct circumstance.
>
> #!/bin/sh
>
> user=$1
> pass=$2
>
> pass ${user} ${pass}
> RVAL=$?
>
> if [ $RVAL -eq 2 ]
> then
> echo "Invalid username"
> exit 1
> fi
>
> if [ $RVAL -eq 1 ]
> then
> echo "Invalid password"
> exit 1
> fi
>
> # Do somehting....
>
>
>
> On Thu, 2003-02-27 at 15:16, Robert L. Harris wrote:
> >
> >
> > Thanks,
> > Do you have any docs I can read up on also? Finding good info seems a
> > bit sketchy.
> >
> > Robert
> >
> >
> > Thus spake cfowler (cfowler at outpostsentinel.com):
> >
> > > Robert,
> > >
> > > I cranked out a quick program that may work
> > >
> > > pass <user> <pass>
> > >
> > > For user tom it would be: pass tom password
> > >
> > > Attached is bin and source.
> > >
> > >
> > >
> > > --
> > > "The Law of Leaky Abstractions"
> > > There is a time where abstractions lead to the inablity to
> > > fix problems that leak through the abstraction.
> > > http://www.joelonsoftware.com/articles/LeakyAbstractions.html
> >
> >
> >
> >
> > :wq!
> > ---------------------------------------------------------------------------
> > Robert L. Harris | PGP Key ID: E344DA3B
> > @ x-hkp://pgp.mit.edu
> > DISCLAIMER:
> > These are MY OPINIONS ALONE. I speak for no-one else.
> >
> > Diagnosis: witzelsucht
> >
> > IPv6 = robert at ipv6.rdlg.net http://ipv6.rdlg.net
> > IPv4 = robert at mail.rdlg.net http://www.rdlg.net
> --
> "The Law of Leaky Abstractions"
> There is a time where abstractions lead to the inablity to
> fix problems that leak through the abstraction.
> http://www.joelonsoftware.com/articles/LeakyAbstractions.html
:wq!
---------------------------------------------------------------------------
Robert L. Harris | PGP Key ID: E344DA3B
@ x-hkp://pgp.mit.edu
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
Diagnosis: witzelsucht
IPv6 = robert at ipv6.rdlg.net http://ipv6.rdlg.net
IPv4 = robert at mail.rdlg.net http://www.rdlg.net
PGP signature
More information about the Ale
mailing list