On Monday 07 April 2003 12:01, you wrote:
I'm root on our lan with around 50 users. How can I get a list of their passwords?
You don't. Well, you could try to run something like John The Ripper against /etc/shadow.
Does that mean that I can't or I shouldn't?
You don't need to, as r00t, you can always su to them ;)
But I want to find out what their password was. Can I do that? Is there something which will hack into /etc/shadow and decipher it?
When you log on your unix station, the password you enter is encrypted, then compared to the encrypted password in /etc/shadow. It is not possible to know what the password was at the beginning, because the unix encrypt command is not reversible. Therefore, if you want to find out what the original password was, you need to do a dictionary attack (basically try all possible passwords, or try at least the obvious ones first). This is what John The Ripper does.
Thomas
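An administrator can judge how exposed the stored passwords are without recovering any of them, by reading the scheme id in the second field of each /etc/shadow entry. The following is an added example, not part of the original thread; the sample entries, salts and hashes are constructed placeholders, and the function names are hypothetical.

```python
import re

# crypt(3) scheme id (text between the first two '$') -> (name, needs attention?)
SCHEMES = {
    "1": ("md5crypt", True),       # cheap to compute, so guessing goes fast
    "2a": ("bcrypt", False),
    "2b": ("bcrypt", False),
    "2y": ("bcrypt", False),
    "5": ("sha256crypt", False),
    "6": ("sha512crypt", False),
    "y": ("yescrypt", False),
}
# Traditional DES crypt: 2 salt chars + 11 hash chars; only 8 password chars count
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

def classify(field):
    """Return (scheme, needs_attention) for one shadow password field."""
    if field == "":
        return ("empty", True)             # account has no password at all
    if field.startswith(("!", "*")):
        return ("locked", False)           # password login disabled
    if field.startswith("$"):
        parts = field.split("$")
        return SCHEMES.get(parts[1], ("unknown", True))
    if DES_RE.match(field):
        return ("descrypt", True)
    return ("unknown", True)

def audit(shadow_text):
    """List (user, scheme) for every entry an administrator should review."""
    findings = []
    for line in shadow_text.splitlines():
        cols = line.strip().split(":")
        if len(cols) < 2 or cols[0].startswith("#"):
            continue
        scheme, flag = classify(cols[1])
        if flag:
            findings.append((cols[0], scheme))
    return findings

# Constructed sample in /etc/shadow layout; the hash values are placeholders
SAMPLE = """\
alice:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASHVALUE:12150:0:99999:7:::
bob:$1$CONSTRSALT$CONSTRUCTEDHASHVALUE:12150:0:99999:7:::
carol:ab0123456789A:12150:0:99999:7:::
daemon:*:12150:0:99999:7:::
dave::12150:0:99999:7:::
erin:!$6$CONSTRUCTEDSALT$CONSTRUCTEDHASHVALUE:12150:0:99999:7:::
"""

if __name__ == "__main__":
    for user, scheme in audit(SAMPLE):
        print(f"{user}: {scheme}")
```

Accounts it reports can be moved to a stronger scheme by changing the system's default hashing method and having the user set a new password.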