[Prev][Next][Index][Thread]
Re: Shadow Passwording
On Sun, 15 Dec 1996, Yaron wrote:
> Hi,
>
> Since some people asked about it over the dinner (which nobody has yet
> summerized, I'm proud of you all), I have placed a precompiled version of
> the Shadow-Suite (A bit outdated but still works) on anonymous FTP at
> ftp://starlight.trendline.co.il/pub/shadow
Umm, if we're talking about password files, and the most critical binaries
for login and authentication, I would rather not install any outdated
shadow suites.
By the way, anyone found a way to prevent running strace on programs to
see the root password encrypted ???
This for example does it nicely:
strace ps >&/tmp/out
now, when browsing the output...
open("/etc/shadow", O_RDONLY) = 7
fstat(7, {st_mode=S_IFREG|0640, st_size=1078, ...}) = 0
mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|0x20, 4294967295, 0) =
0x400c300
0
read(7, "root:SBLfvCRM6JzrI:9737:0:99999:"..., 4096) = 1078
^^^^^^^^^^^^^
and voilla...
--Ariel
> Also there are binaries for wu-ftpd, xlockmore and XDM, along with the
> Shadow-howto.
>
> Bye,
>
> -Yaron.
>
> ----------------------------------------------------------------------------
> Yaron Hemi, Unix Systems Administrator, | -I'm going back in the closet,
> Trendline Ltd (whom I do not speak for) | where men are overcoats.
> Email: yaron@starlight.trendline.co.il |
> WWW: http://zzt.tlv.co.il/ | -Groucho Marx.
> ----------------------------------------------------------------------------
>
>
+---------------------------------------------------------+
| Ariel Biener |
| e-mail: ariel@post.tau.ac.il Work ph: 03-6406086 |
+---------------------------------------------------------+
Follow-Ups:
References: