crypt and passwords

David Kramer david at thekramers.net
Fri Aug 22 16:54:29 EDT 2003 

On Friday 22 August 2003 09:33 am, Derek Martin wrote:
> On Fri, Aug 22, 2003 at 02:12:27AM -0400, David Kramer wrote:
> > I once knew the magic incantations for being able to verify a passwd by 
> > passing the salt from the encrypted password and the unencrypted password 
to 
> > crypt() to see if you got a string matching the encrypted password.  I'm 
> > trying to write a small test program to do this, but I am not getting the 
> > encrypted string back.
> 
> Can we see the code where you set up the salt and call the function?

I pass them on the command line so I can play with it until I see it work.


#define _XOPEN_SOURCE
#include <unistd.h>

int main(int argc, char* argv[])
{
  char* encrypted;

  encrypted=crypt(argv[1],argv[2]);

  if(encrypted)
    {
      printf("crypt(%s,%s)='%s'\n",argv[1],argv[2],encrypted);
    }
  else
    {
      printf("crypt failed.\n");
    }

}

cc -o cryptprint -lcrypt cryptprint.c

Note: This is a MODIFIED version of my encrypted password, but I used the real 
thing:

[david at uni crypt]$ sudo grep david /etc/shadow
david:$1$FOOWOmC8$FOOldOczYfmtvz5PsXyY5/:12023:0:99999:7:::

[david at uni crypt]$ ./cryptprint '$1$FOOWOmC8$' 'FOOldOczYfmtvz5PsXyY5/'
crypt($1$FOOWOmC8$,FOOldOczYfmtvz5PsXyY5/)='bmSTpBK8h2lrE'

[david at uni crypt]$ ./cryptprint '$1$FOOWOmC8$' 'myrealpassword'
crypt($1$xTxWOmC8$,myrealpassword)='FOO/XEaUQQYMU'

What comes out doesn't seem to match anything.



> 
> Can we also see what you /are/ getting for results, if any?
> 
> Also, what are your linker options?  One thing that occurs to me is
> that you might be linking against OpenSSL's crypt(), rather than glibc's
> crypt().  I'm not positive this is a real possibility, but I thought
> OpenSSL provided a crypt() function...  You might want to see what
> package provides libcrypt* on your system...
> 
> The man page for crypt(3) on my system suggests that the crypt()
> function might fail because it may not have been implemented, due to
> export restrictions...
> 
> -- 
> Derek D. Martin
> http://www.pizzashack.org/
> GPG Key ID: 0xDFBEAD02
> -=-=-=-=-
> This message is posted from an invalid address.
> Replying to it will result in undeliverable mail.
> Sorry for the inconvenience.  Thank the spammers.
> 
> 

-- 

--
DDDD   David Kramer         david at thekramers.net       http://thekramers.net
DK KD  "Books won't stay banned.  They won't burn.  Ideas won't go to jail.
DKK D  In the long run of history the censor and the inquisitor have always
DK KD  lost.  The only sure weapon against bad ideas is better ideas."
DDDD                                                   - A. Whitney Griswold

More information about the Discuss mailing list