[Prev][Next][Index][Thread]

Re: Shadow Passwording



On Sun, 15 Dec 1996, Yaron wrote:

>   Hi,
> 
> Since some people asked about it over the dinner (which nobody has yet
> summerized, I'm proud of you all), I have placed a precompiled version of
> the Shadow-Suite (A bit outdated but still works) on anonymous FTP at
> ftp://starlight.trendline.co.il/pub/shadow

Umm, if we're talking about password files, and the most critical binaries
for login and authentication, I would rather not install any outdated
shadow suites. 

By the way, anyone found a way to prevent running strace on programs to
see the root password encrypted ???

This for example does it nicely:

strace ps >&/tmp/out

now, when browsing the output...

open("/etc/shadow", O_RDONLY)           = 7
fstat(7, {st_mode=S_IFREG|0640, st_size=1078, ...}) = 0
mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|0x20, 4294967295, 0) =
0x400c300
0
read(7, "root:SBLfvCRM6JzrI:9737:0:99999:"..., 4096) = 1078
              ^^^^^^^^^^^^^

and voilla... 

--Ariel

> Also there are binaries for wu-ftpd, xlockmore and XDM, along with the
> Shadow-howto. 
> 
> 			Bye,
> 
> 				-Yaron.
> 
> ----------------------------------------------------------------------------
>  Yaron Hemi, Unix Systems Administrator, | -I'm going back in the closet,
>  Trendline Ltd (whom I do not speak for) |  where men are overcoats.
>  Email: yaron@starlight.trendline.co.il  |
>  WWW: http://zzt.tlv.co.il/              |               -Groucho Marx.
> ----------------------------------------------------------------------------
> 
> 

   +---------------------------------------------------------+
   | Ariel Biener                                            |
   | e-mail: ariel@post.tau.ac.il        Work ph: 03-6406086 |
   +---------------------------------------------------------+


Follow-Ups: References: