Hi, I remember that someone had recovered some ancient /etc/passwd files and had decrypted(?) them, and I remember reading that either ken or dmr's password was something interesting like './,..,/' (it was entirely punctuation characters, was around three different characters in total, and was pretty damn short). I've tried to find this since, as a friend was interested in it, and I cannot for the life of me find it! Do any of you remember or have a link? :) Thanks! -- "Too enough is always not much!"
Finn O'Leary <finnoleary@inventati.org> writes:

> Hi, I remember that someone had recovered some ancient /etc/passwd files
> and had decrypted(?) them, and I remember reading that either ken or
> dmr's
> password was something interesting like './,..,/' (it was entirely
> punctuation characters, was around three different characters in
> total, and
> was pretty damn short). I've tried to find this since, as a friend was
> interested in it, and I cannot for the life of me find it!

I did this once, but I never managed to crack all of them.
It was bwk who used /.,/.,

My findings (from https://github.com/dspinellis/unix-history-repo/blob/BSD-3-Snapshot-Development/etc/passwd):

gfVwhuAMF0Trw:dmac
Pb1AmSpsVPG0Y:uio
ymVglQZjbWYDE:/.,/.,
c8UdIntIZCUIA:bourne
AAZk9Aj5/Ue0E:foobar
E9i8fWghn1p/I:apr1744
IIVxQSvq1V9R2:axolotl
9EZLtSYjeEABE:network
P0CHBwE/mB51k:whatnot
Nc3IkFJyW2u7E:...hello
olqH1vDqH38aw:sacristy
9ULn5cWTc0b9E:sherril.
N33.MCNcTh5Qw:uucpuucp
FH83PFo4z55cU:wendy!!!
OVCPatZ8RFmFY:cowperso
X.ZNnZrciWauE:5%ghj
IL2bmGECQJgbk:pdq;dq
4BkcEieEtjWXI:jilland1
8PYh/dUBQT9Ss:theik!!!
lj1vXnxTAPnDc:sn74193n

But I never managed to crack ken's password with the hash
ZghOT0eRm4U9s, and I think I enumerated the whole
8 letter lowercase + special symbols key space.

The uncracked ones are:

ozalp:m5syt3.lB5LAE:40:10:& Babaoglu,4156423806:/usr/ozalp:/bin/csh
hpk:9ycwM8mmmcp4Q:9:10:Howard Katseff,2019495337:/usr/staff/hpk:/bin/csh
tbl:cBWEbG59spEmM:10:10:Tom London,2019492006:/usr/staff/tbl
ken:ZghOT0eRm4U9s:52:10:& Thompson:/usr/staff/ken
fabry:d9B17PTU2RTlM:305:10:Bob &,4156422714:/usr/staff/fabry:/bin/csh

Any help is welcome.

--
Leah Neukirchen <leah@vuxu.org> https://leahneukirchen.org/
On 2019-10-03 19:30, Leah Neukirchen wrote: > I did this once, but I never managed to crack all of them. > It was bwk who used /.,/., > > My findings (from > https://github.com/dspinellis/unix-history-repo/blob/BSD-3-Snapshot-Development/etc/passwd): > > [ ... ] Interesting~! Thank you for the quick response :) > But I never managed to crack ken's password with the hash > ZghOT0eRm4U9s, and I think I enumerated the whole > 8 letter lowercase + special symbols key space. > [ ... ] > Any help is welcome. I'm not even sure how I would go about starting to crack them, as I have very little experience with that! That said, I'd be willing to lend some CPU power to recover the rest :) -- - Finn finnoleary.net
Finn O'Leary wrote in <b131e7d8e13b787df8146bd2edcd7bfb@inventati.org>: |On 2019-10-03 19:30, Leah Neukirchen wrote: |> I did this once, but I never managed to crack all of them. |> It was bwk who used /.,/., |> |> My findings (from |> https://github.com/dspinellis/unix-history-repo/blob/BSD-3-Snapshot-Deve\ |> lopment/etc/passwd): |> |> [ ... ] | |Interesting~! Thank you for the quick response :) |> But I never managed to crack ken's password with the hash |> ZghOT0eRm4U9s, and I think I enumerated the whole |> 8 letter lowercase + special symbols key space. |> [ ... ] |> Any help is welcome. | |I'm not even sure how I would go about starting to crack them, as I have |very little experience with that! That said, I'd be willing to lend some |CPU power to recover the rest :) The dark powers of criminal energy touched also me, i wanted to write hazy spheres thereof, but that reminded me of hazy shade of criminal from Public Enemy ("Once the riot started, it went like a forest fire") thirty years ago. (The one rap/hip hop i have ever heard, with text that really mattered, sometimes.) Oh, we like that wendy!!! was nothing fast-food alike. And Kurt Shoens used sacristy! How could that ever be decrypted. Thanks, Leah. --steffen | |Der Kragenbaer, The moon bear, |der holt sich munter he cheerfully and one by one |einen nach dem anderen runter wa.ks himself off |(By Robert Gernhardt)
On Thu, 3 Oct 2019, Finn O'Leary wrote:
>> But I never managed to crack ken's password with the hash
>> ZghOT0eRm4U9s, and I think I enumerated the whole 8 letter lowercase +
>> special symbols key space.
I can't find the original post, but, was upper case not tried?
-- Dave
I did extensive password checking in 112 at one point. I saved almost none of the original passed files, but I do have /etc/passwd from:

arachne caspian cl44 fiji mhmips ore ruble tempo-hadrian
banc cd cl45 irisa mht40-3 peso sidewise vector
bill cdrom coorong irisb mht40-3-mhbb quark subtillion yankee
bloom celerity deneb jazz mhuxw rgbvax sun1c zeno
bruce chaos dixie lucian none rial sunshine

This list includes 1033 different user names.

Most do not have the pw field:

bruce:jpl:2v/xj5FQ.kqVY:4129:4129:John P. Linderman,MH 3D-435,6427 (gc,exp.6/1990):/tmp:/bin/ksh
tempo-hadrian:jpl:BQl9MmYhh.8oE:358:358:John P. Linderman:/usr/jpl:/bin/ksh
tempo-hadrian:jpl:sorry:358:358:John P. Linderman,3D-435,6427,4641129,11384:/usr/jpl:/bin/true
vector:jpl:2v/xj5FQ.kqVY:4129:4129:John P. Linderman,(gc)3D-435,6427,4641129:/tmp:/bin/ksh

Here's one hash from a famous person. I believe GPUs can now test over 8 billion tries in a second.

s6BGoOQ8LfLYo
Dave Horsfall <dave@horsfall.org> writes: > On Thu, 3 Oct 2019, Finn O'Leary wrote: > >>> But I never managed to crack ken's password with the hash >>> ZghOT0eRm4U9s, and I think I enumerated the whole 8 letter >>> lowercase + special symbols key space. > > I can't find the original post, but, was upper case not tried? That explodes my computational resources (I don't have a good GPU). But since all the other (simple) passwords use lowercase letters only, I assumed it was a fair assumption. -- Leah Neukirchen <leah@vuxu.org> https://leahneukirchen.org/
no, it was tty model 33.
On Fri, Oct 4, 2019 at 3:30 AM Leah Neukirchen <leah@vuxu.org> wrote:
>
> Dave Horsfall <dave@horsfall.org> writes:
>
> > On Thu, 3 Oct 2019, Finn O'Leary wrote:
> >
> >>> But I never managed to crack ken's password with the hash
> >>> ZghOT0eRm4U9s, and I think I enumerated the whole 8 letter
> >>> lowercase + special symbols key space.
> >
> > I can't find the original post, but, was upper case not tried?
>
> That explodes my computational resources (I don't have good GPU). But
> since all the other (simple) passwords use lowercase letters only, I
> assumed it was a fair assumption.
>
> --
> Leah Neukirchen <leah@vuxu.org> https://leahneukirchen.org/
9ycwM8mmmcp4Q:graduat; On 10/3/2019 8:59 PM, William Cheswick wrote: > I did extensive password checking in 112 at one point. I saved almost > none > Of the original passed files, but I do have /etc/passwd from: > > arachnecaspiancl44fijimhmipsorerubletempo-hadrian > banccdcl45irisamht40-3pesosidewisevector > billcdromcoorongirisbmht40-3-mhbbquarksubtillionyankee > bloomceleritydenebjazzmhuxwrgbvaxsun1czeno > brucechaosdixieluciannonerialsunshine > > This list includes 1033 different user names. > > Most do not have the pw field: > > bruce:jpl:2v/xj5FQ.kqVY:4129:4129:John P. Linderman,MH 3D-435,6427 > (gc,exp.6/1990):/tmp:/bin/ksh > tempo-hadrian:jpl:BQl9MmYhh.8oE:358:358:John P. > Linderman:/usr/jpl:/bin/ksh > tempo-hadrian:jpl:sorry:358:358:John P. > Linderman,3D-435,6427,4641129,11384:/usr/jpl:/bin/true > vector:jpl:2v/xj5FQ.kqVY:4129:4129:John P. > Linderman,(gc)3D-435,6427,4641129:/tmp:/bin/ksh > > Here's one hash from a famous person. I believe GPUs can now test > over 8 billion tries in a second. > > s6BGoOQ8LfLYo >
On 3 Oct 2019 18:51 +0000, from finnoleary@inventati.org (Finn O'Leary):
> password was something interesting like './,..,/' (it was entirely
> punctuation characters, was around three different characters in total, and
> was pretty damn short).

I'm a bit late to the party here (it's been a crazy week for me and I'm only just now starting to catch up), but don't forget that hashed Unix passwords back then were limited to eight bytes (actually I believe the hard limit was 64 bits' worth of password, so if your system used less than 8 bits per character, you could theoretically cram more _characters_ into the password, but not more _entropy_, which topped out at 2^64 no matter what you did, and in practice a fair bit less because you wanted to be able to type it in).

Of course, this wasn't a problem in practice when even just hashing a single candidate password took noticeable fractions of a second. At 100 ms per hash, while you could exhaustively search the lower alphanumerics four characters space within about two days (my calculator says 1.944 * 86400 seconds for that) if you could hog the computer for everyone, by the time you got to six characters the same search would take almost 7 years, and eight characters the better part of 9000 years (assuming you kept running it on the same hardware for the duration).

Adding uppercase A-Z alongside lowercase a-z and 0-9 increases the exhaustive search time even for the four characters password space to about 17 days at 100 ms per hash. So with no additional information for an attacker, even a [a-zA-Z0-9]{4} password was tolerably secure, and a [a-zA-Z0-9]{5} one was more than good enough if you changed it once a year (would take about three years to crack at 100 ms/hash).

William Cheswick mentioned 8e9 hashes per second. While that sounds low for good ol' Unix crypt() to me, at that rate, an exhaustive search of [a-z0-9]{8} would take about 353 days, again according to my calculator. [a-z0-9]{4} would finish in about 18 seconds. My _guess_, without having looked up current numbers, is that these figures are at least some two orders of magnitude too high given modern hardware. Just look at EFF's good ol' Deep Crack.

I wasn't really around much at the time, but if _The Cuckoo's Egg_ is to be believed, the bigger problem was that people in general weren't any better at choosing good passwords (or keeping them secret) back then than they are today. That honestly wouldn't particularly surprise me. Technology advances, but people remain largely the same?

-- Michael Kjörling • https://michael.kjorling.se • michael@kjorling.se “The most dangerous thought that you can have as a creative person is to think you know what you’re doing.” (Bret Victor)
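The arithmetic behind the figures in the message above, as an added example that is not part of the thread: an exhaustive-search time estimator for a crypt(3)-style keyspace, run against the guess rates quoted by the posters and against the character classes of the passwords the thread actually recovered. The `RATES` labels, `class_size` and `exposure` are names I chose here, not anything from the thread or from hashcat/john.

```python
"""Exhaustive-search time estimates for the crypt(3) keyspaces discussed in the thread.

Added example, not from the thread. Every rate below is a figure quoted by a
poster (named in the label); the password classes are those of the recovered
passwords.
"""
import string

# Alphabet sizes. string.punctuation is the 32 printable ASCII punctuation marks.
LOWER = len(string.ascii_lowercase)   # 26
UPPER = len(string.ascii_uppercase)   # 26
DIGITS = len(string.digits)           # 10
PUNCT = len(string.punctuation)       # 32

SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY

# Guess rates (hashes per second) as quoted in the thread.
RATES = {
    "100 ms per crypt() (Michael Kjorling's 1970s figure)": 10,
    "john, 48 cores at 55000/s (Tom Jones)": 48 * 55_000,
    "R9 290X, hashcat -m 1500 (Tom Jones)": 255e6,
    "Vega64, hashcat (Nigel Williams)": 930e6,
    "8e9/s GPU estimate (Bill Cheswick)": 8e9,
}


def keyspace(alphabet_size: int, length: int, up_to: bool = False) -> int:
    """Number of candidate passwords.

    With up_to=True every shorter length is counted too, which is what an
    incremental run really covers before it reaches `length`.
    """
    if up_to:
        return sum(alphabet_size ** n for n in range(1, length + 1))
    return alphabet_size ** length


def worst_case_seconds(alphabet_size: int, length: int, rate: float,
                       up_to: bool = False) -> float:
    """Seconds to exhaust the keyspace at `rate` guesses per second.

    A real search finds the password somewhere inside this bound, on
    average after half of it.
    """
    return keyspace(alphabet_size, length, up_to) / rate


def human(seconds: float) -> str:
    """Render a duration in the unit a reader would naturally pick."""
    if seconds < 60:
        return f"{seconds:.1f} s"
    if seconds < SECONDS_PER_DAY:
        return f"{seconds / 3600:.1f} h"
    if seconds < SECONDS_PER_YEAR:
        return f"{seconds / SECONDS_PER_DAY:.1f} days"
    return f"{seconds / SECONDS_PER_YEAR:.1f} years"


def class_size(password: str) -> int:
    """Size of the smallest union of standard character classes containing
    `password`, i.e. the alphabet a cracker has to assume to reach it."""
    classes = (
        (string.ascii_lowercase, LOWER),
        (string.ascii_uppercase, UPPER),
        (string.digits, DIGITS),
        (string.punctuation, PUNCT),
    )
    return sum(size for chars, size in classes if any(c in chars for c in password))


def exposure(password: str, rate: float) -> float:
    """Worst-case seconds to recover `password` by exhausting its class at `rate`."""
    return worst_case_seconds(class_size(password), len(password), rate)


def report() -> list:
    """The thread's figures recomputed, as (label, seconds) rows."""
    rows = []
    for label, rate in RATES.items():
        rows.append((f"[a-z0-9]{{4}} at {label}", worst_case_seconds(LOWER + DIGITS, 4, rate)))
        rows.append((f"[a-z0-9]{{8}} at {label}", worst_case_seconds(LOWER + DIGITS, 8, rate)))
    # Passwords recovered in the thread, costed in the class a cracker must assume.
    for pw in ("/.,/.,", "wendy!!!", "p/q2-q4!"):
        rows.append((f"{pw!r} ({class_size(pw)}^{len(pw)}) at 930 MH/s", exposure(pw, 930e6)))
        rows.append((f"{pw!r} ({class_size(pw)}^{len(pw)}) at 100 ms/hash", exposure(pw, 10)))
    return rows


if __name__ == "__main__":
    for label, secs in report():
        print(f"{label:<60} {human(secs):>12}")
```

The 68^8 class of ken's password comes out at about 5.7 days of worst-case search at 930 MH/s, which fits the "4+ days" reported later in the thread; note too that the 8e9/s figure exhausts [a-z0-9]{8} in about 353 seconds, so the unit in which such estimates are quoted matters as much as the rate.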
I cracked a root password for a certain system, back in the ARPANET days.
If memory serves, it was 5 characters.
I was able to get my hands on the crypt() source, and figure out that
the first part of it was intentionally "lengthy" and it just
pre-computed a bunch of stuff on purpose. At least, that's my memory of
it at the time.
I was able to separate that precompute part, and then loop through all
combinations further down the crypt() function. Made it a lot faster.
Was able to crack a 5-character password in less than a week (or maybe
it was a few days) on a VAX-11/750. Of course, it was a simple password
consisting of lower-case alpha and no numerics.
I think the first letter of the password was "b" which helped a lot ;)
Nowadays, run hashcat on an HPC cluster and you can break a lot of stuff...
art k.
On 10/5/2019 1:29 PM, Michael Kjörling wrote:
> On 3 Oct 2019 18:51 +0000, from finnoleary@inventati.org (Finn O'Leary):
>> password was something interesting like './,..,/' (it was entirely
>> punctuation characters, was around three different characters in total, and
>> was pretty damn short).
> I'm a bit late to the party here (it's been a crazy week for me and
> I'm only just now starting to catch up), but don't forget that hashed
> Unix passwords back then were limited to eight bytes (actually I
> believe the hard limit was 64 bits' worth of password, so if your
> system used less than 8 bits per character, you could theoretically
> cram more _characters_ into the password, but not more _entropy_,
> which topped out at 2^64 no matter what you did, and in practice a
> fair bit less because you wanted to be able to type it in).
>
> Of course, this wasn't a problem in practice when even just hashing a
> single candidate password took noticable fractions of a second. At 100
> ms per hash, while you could exhaustively search the lower
> alphanumerics four characters space within about two days (my
> calculator says 1.944 * 86400 seconds for that) if you could hog the
> computer for everyone, by the time you got to six characters the same
> search would take almost 7 years, and eight characters the better part
> of 9000 years (assuming you kept running it on the same hardware for
> the duration).
>
> Adding uppercase A-Z alongside lowercase a-z and 0-9 increases the
> exhaustive search time even for the four characters password space to
> about 17 days at 100 ms per hash. So with no additional information
> for an attacker, even a [a-zA-Z0-9]{4} password was tolerably secure,
> and a [a-zA-Z0-9]{5} one was more than good enough if you changed it
> once a year (would take about three years to crack at 100 ms/hash).
>
> William Cheswick mentioned 8e9 hashes per second. While that sounds
> low for good ol' Unix crypt() to me, at that rate, an exhaustive
> search of [a-z0-9]{8} would take about 353 days, again according to my
> calculator. [a-z0-9]{4} would finish in about 18 seconds. My _guess_,
> without having looked up current numbers, is that these figures are at
> least some two orders of magnitude too high given modern hardware.
> Just look at EFF's good ol' Deep Crack.
>
> I wasn't really around much at the time, but if _The Cuckoo's Egg_ is
> to be believed, the bigger problem was that people in general weren't
> any better at choosing good passwords (or keeping them secret) back
> then than they are today. That honestly wouldn't particularly surprise
> me. Technology advances, but people remain largely the same?
>
On Thu, Oct 03, 2019 at 09:30:31PM +0200, Leah Neukirchen wrote: > Finn O'Leary <finnoleary@inventati.org> writes: > > > Hi, I remember that someone had recovered some ancient /etc/passwd files > > and had decrypted(?) them, and I remember reading that either ken or > > dmr's > > password was something interesting like './,..,/' (it was entirely > > punctuation characters, was around three different characters in > > total, and > > was pretty damn short). I've tried to find this since, as a friend was > > interested in it, and I cannot for the life of me find it! > > I did this once, but I never managed to crack all of them. > It was bwk who used /.,/., > > My findings (from https://github.com/dspinellis/unix-history-repo/blob/BSD-3-Snapshot-Development/etc/passwd): > > gfVwhuAMF0Trw:dmac > Pb1AmSpsVPG0Y:uio > ymVglQZjbWYDE:/.,/., > c8UdIntIZCUIA:bourne > AAZk9Aj5/Ue0E:foobar > E9i8fWghn1p/I:apr1744 > IIVxQSvq1V9R2:axolotl > 9EZLtSYjeEABE:network > P0CHBwE/mB51k:whatnot > Nc3IkFJyW2u7E:...hello > olqH1vDqH38aw:sacristy > 9ULn5cWTc0b9E:sherril. > N33.MCNcTh5Qw:uucpuucp > FH83PFo4z55cU:wendy!!! > OVCPatZ8RFmFY:cowperso > X.ZNnZrciWauE:5%ghj > IL2bmGECQJgbk:pdq;dq > 4BkcEieEtjWXI:jilland1 > 8PYh/dUBQT9Ss:theik!!! > lj1vXnxTAPnDc:sn74193n > > But I never managed to crack ken's password with the hash > ZghOT0eRm4U9s, and I think I enumerated the whole > 8 letter lowercase + special symbols key space. > > The uncracked ones are: > > ozalp:m5syt3.lB5LAE:40:10:& Babaoglu,4156423806:/usr/ozalp:/bin/csh m5syt3.lB5LAE:12ucdort > hpk:9ycwM8mmmcp4Q:9:10:Howard Katseff,2019495337:/usr/staff/hpk:/bin/csh > tbl:cBWEbG59spEmM:10:10:Tom London,2019492006:/usr/staff/tbl > ken:ZghOT0eRm4U9s:52:10:& Thompson:/usr/staff/ken > fabry:d9B17PTU2RTlM:305:10:Bob &,4156422714:/usr/staff/fabry:/bin/csh I pointed my FreeBSD build machine at the password file, but it didn't manage many guesses a second (55000 per core with 48 cores, using john). 
I asked a friend to point their GPU rig at the password file. It is a MSI Graphics Card R9 290X and is doing about 255MHashes/Second using hashcat. He is going to do the alphanumeric space and then call it a day. "for hashcat, 80s DES crypt is -m 1500" - [tj]
I have some more out of this list, but not sure if I should send them or not. Ken's has not been cracked - yet. ozalp:m5syt3.lB5LAE:40:10:& Babaoglu,4156423806:/usr/ozalp:/bin/csh hpk:9ycwM8mmmcp4Q:9:10:Howard Katseff,2019495337:/usr/staff/hpk:/bin/csh tbl:cBWEbG59spEmM:10:10:Tom London,2019492006:/usr/staff/tbl ken:ZghOT0eRm4U9s:52:10:& Thompson:/usr/staff/ken fabry:d9B17PTU2RTlM:305:10:Bob &,4156422714:/usr/staff/fabry:/bin/csh On 10/5/2019 2:05 PM, Tom Jones wrote: > On Thu, Oct 03, 2019 at 09:30:31PM +0200, Leah Neukirchen wrote: >> Finn O'Leary <finnoleary@inventati.org> writes: >> >>> Hi, I remember that someone had recovered some ancient /etc/passwd files >>> and had decrypted(?) them, and I remember reading that either ken or >>> dmr's >>> password was something interesting like './,..,/' (it was entirely >>> punctuation characters, was around three different characters in >>> total, and >>> was pretty damn short). I've tried to find this since, as a friend was >>> interested in it, and I cannot for the life of me find it! >> I did this once, but I never managed to crack all of them. >> It was bwk who used /.,/., >> >> My findings (from https://github.com/dspinellis/unix-history-repo/blob/BSD-3-Snapshot-Development/etc/passwd): >> >> gfVwhuAMF0Trw:dmac >> Pb1AmSpsVPG0Y:uio >> ymVglQZjbWYDE:/.,/., >> c8UdIntIZCUIA:bourne >> AAZk9Aj5/Ue0E:foobar >> E9i8fWghn1p/I:apr1744 >> IIVxQSvq1V9R2:axolotl >> 9EZLtSYjeEABE:network >> P0CHBwE/mB51k:whatnot >> Nc3IkFJyW2u7E:...hello >> olqH1vDqH38aw:sacristy >> 9ULn5cWTc0b9E:sherril. >> N33.MCNcTh5Qw:uucpuucp >> FH83PFo4z55cU:wendy!!! >> OVCPatZ8RFmFY:cowperso >> X.ZNnZrciWauE:5%ghj >> IL2bmGECQJgbk:pdq;dq >> 4BkcEieEtjWXI:jilland1 >> 8PYh/dUBQT9Ss:theik!!! >> lj1vXnxTAPnDc:sn74193n >> >> But I never managed to crack ken's password with the hash >> ZghOT0eRm4U9s, and I think I enumerated the whole >> 8 letter lowercase + special symbols key space.
>> >> The uncracked ones are: >> >> ozalp:m5syt3.lB5LAE:40:10:& Babaoglu,4156423806:/usr/ozalp:/bin/csh > m5syt3.lB5LAE:12ucdort > >> hpk:9ycwM8mmmcp4Q:9:10:Howard Katseff,2019495337:/usr/staff/hpk:/bin/csh >> tbl:cBWEbG59spEmM:10:10:Tom London,2019492006:/usr/staff/tbl >> ken:ZghOT0eRm4U9s:52:10:& Thompson:/usr/staff/ken >> fabry:d9B17PTU2RTlM:305:10:Bob &,4156422714:/usr/staff/fabry:/bin/csh > I pointed my FreeBSD build machine at the password file, but it didn't > manage many guesses a second (55000 per core with 48 cores, using john). > > I asked a friend to point their GPU rig at the password file. It is a > MSI Graphics Card R9 290X and is doing about 255MHashes/Second using > hashcat. He is going to do the alphanumeric space and then call it a > day. > > "for hashcat, 80s DES crypt is -m 1500" > > - [tj] >
Back in the heyday of uucp, some sites were lazy and allowed uucico access to any file in the file system (that was accessible to the uucp user). A common ploy for white hats and black hats was to try uucp remotesys!/etc/passwd ~/remotesys or the like, and see what came in and whether it had any easy hashes (shadow password files didn't quite exist yet). The system known to the uucp world as research! was more careful: / was mapped to /usr/spool/uucp. We left a phony etc/passwd file there, containing plausible-looking entries with hashes that, if cracked, spelled out why are you wasting your time I don't remember whether anyone ever stole it by uucp, though I think Bill Cheswick used it to set up the phony system environment for Berferd to play in (Google for `cheswick berferd' if you don't know the story). Norman Wilson Toronto ON
Slightly off-topic, but still UUCP related. If a SunOS box NFS exported
/, and I could mount /, even without root NFS access, using the uucp
user, I could overwrite uucico because it was owned by uucp. The entry
in inetd.conf would automatically run uucico as root. Telnet to the box
on that port, and it would happily run whatever I put in the uucico file.
Bad joo-joo.
On 10/8/2019 2:38 PM, Norman Wilson wrote:
> Back in the heyday of uucp, some sites were lazy and allowed
> uucico access to any file in the file system (that was accessible
> to the uucp user). A common ploy for white hats and black hats
> was to try
> uucp remotesys!/etc/passwd ~/remotesys
> or the like, and see what came in and whether it had any easy
> hashes (shadow password files didn't quite exist yet).
>
> The system known to the uucp world as research! was more
> careful: / was mapped to /usr/spool/uucp. We left a phony
> etc/passwd file there, containing plausible-looking entries
> with hashes that, if cracked, spelled out
>
> why
> are
> you
> wasting
> your
> time
>
> I don't remember whether anyone ever stole it by uucp, though
> I think Bill Cheswick used it to set up the phony system
> environment for Berferd to play in (Google for `cheswick berferd'
> if you don't know the story).
>
> Norman Wilson
> Toronto ON
>
On Tue, 8 Oct 2019, Arthur Krewat wrote:
> I have some more out of this list, but not sure if I should send them or
> not. Ken's has not been cracked - yet.
Has anyone tried "John the Ripper"? And there was another tool (name
forgotten) that was specifically designed to attack crypt().
-- Dave
On Tue, 8 Oct 2019, Norman Wilson wrote:
> I don't remember whether anyone ever stole it by uucp, though I think
> Bill Cheswick used it to set up the phony system environment for Berferd
> to play in (Google for `cheswick berferd' if you don't know the story).
And an excellent story: if you haven't read it then read it; if you have
read it then read it again. I'm sure that I have the book somewhere.
Semi-spoiler: the protagonist used to sleep next to his terminal (leaving
his girlfriend alone) until the perp tried to log in, upon which alarms
went off and he was finally able to trace the call.
Or am I confusing it with "The Cuckoo's Egg" by Clifford Stoll?
-- Dave
Using hashcat on an nvidia GPU cluster. crypt() is slow on it, I guess
because the GPUs are not able to do it efficiently.
On 10/8/2019 4:40 PM, Dave Horsfall wrote:
> On Tue, 8 Oct 2019, Arthur Krewat wrote:
>
>> I have some more out of this list, but not sure if I should send them or
>> not. Ken's has not been cracked - yet.
>
> Has anyone tried "John the Ripper"? And there was another tool (name
> forgotten) that was specifically designed to attack crypt().
>
> -- Dave
>
On Tue, 8 Oct 2019, Arthur Krewat wrote:
> Slightly off-topic, but still UUCP related. If a SunOS box NFS exported
> /, and I could mount /, even without root NFS access, using the uucp
> user, I could overwrite uucico because it was owned by uucp. The entry
> in inetd.conf would automatically run uucico as root. Telnet to the box
> on that port, and it would happily run whatever I put in the uucico
> file.
>
> Bad joo-joo.
*Cough cough* I remember that *cough cough*...
Unix systems in those days were broken in subtle ways; we once broke into
a Gould (marketed as the most secure box on the planet[*]) by
social-engineering a marketoid (we tricked him into running a custom "ls"
or something). "Thank you Sir, and we've just broken into your Gould;
there's the root prompt".
[*]
They never did pay us our bounty, because we "cheated" :-)
-- Dave
On 9 Oct 2019 07:52 +1100, from dave@horsfall.org (Dave Horsfall): > Semi-spoiler: the protagonist used to sleep next to his terminal (leaving > his girlfriend alone) until the perp tried to log in, upon which alarms went > off and he was finally able to trace the call. > > Or am I confusing it with "The Cuckoo's Egg" by Clifford Stoll? You might be. At least, what you describe definitely bears a close resemblance to events recounted in Stoll's book. Of course, that by itself doesn't mean something similar can't have been done by or happened to others. When all you've got is a hammer... -- Michael Kjörling • https://michael.kjorling.se • michael@kjorling.se “The most dangerous thought that you can have as a creative person is to think you know what you’re doing.” (Bret Victor)
On 10/8/2019 5:02 PM, Dave Horsfall wrote: > On Tue, 8 Oct 2019, Arthur Krewat wrote: > >> Slightly off-topic, but still UUCP related. If a SunOS box NFS >> exported /, and I could mount /, even without root NFS access, using >> the uucp user, I could overwrite uucico because it was owned by uucp. >> The entry in inetd.conf would automatically run uucico as root. >> Telnet to the box on that port, and it would happily run whatever I >> put in the uucico file. >> >> Bad joo-joo. > > *Cough cough* I remember that *cough cough*... cough cough back at you, sir ;) > > Unix systems in those days were broken in subtle ways; we once broke > into a Gould (marketed as the most secure box on the planet[*]) by > social-engineering a marketoid (we tricked him into running a custom > "ls" or something). "Thank you Sir, and we've just broken into your > Gould; there's the root prompt". I was able to social-engineer an operator a few times on TOPS-10 systems back in the day to reset passwords, or mount disks. "Can you give me a list of disks you have ready to mount?" - "blah blah blah" - "OK, mount pack BLARG". But then, one time, I was talking to an "operator" for a while before I realized it was an ELIZA-like program that kept going back around in a loop. Trying to be suave, I started it by asking how they were doing, and got all sorts of weird responses. At some point, realizing I was talking to a bot, I said: "I feel bad" - and it replied something to the effect of "Can you explain why you feel bad?". Typical ELIZA response ;) Someone at that university had a sense of humor, that's for sure. Broke into it anyway guessing passwords. ak
ken is done: ZghOT0eRm4U9s:p/q2-q4! took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s during that time (those familiar know the hash-rate fluctuates and slows down towards the end).
On Wed, Oct 9, 2019 at 4:49 PM Nigel Williams
<nw@retrocomputingtasmania.com> wrote:
> ZghOT0eRm4U9s:p/q2-q4!
BTW, is that a chess move?
On Tue, Oct 8, 2019, 11:52 PM Nigel Williams <nw@retrocomputingtasmania.com> wrote: > On Wed, Oct 9, 2019 at 4:49 PM Nigel Williams > <nw@retrocomputingtasmania.com> wrote: > > ZghOT0eRm4U9s:p/q2-q4! > > BTW, is that a chess move? > Most common opening. Warner
On 10/9/19, Warner Losh <imp@bsdimp.com> wrote:
> On Tue, Oct 8, 2019, 11:52 PM Nigel Williams
> <nw@retrocomputingtasmania.com>
> wrote:
>
>> On Wed, Oct 9, 2019 at 4:49 PM Nigel Williams
>> <nw@retrocomputingtasmania.com> wrote:
>> > ZghOT0eRm4U9s:p/q2-q4!
>>
>> BTW, is that a chess move?
>>
>
> Most common opening.
>
Descriptive chess notation is not as popular today as it was back in
the 70s, but it actually makes perfect sense as Ken is a long time
chess enthusiast.
--Andy
congrats.
On Wed, Oct 9, 2019 at 1:16 AM Andy Kosela <akosela@andykosela.com> wrote:
>
> On 10/9/19, Warner Losh <imp@bsdimp.com> wrote:
> > On Tue, Oct 8, 2019, 11:52 PM Nigel Williams
> > <nw@retrocomputingtasmania.com>
> > wrote:
> >
> >> On Wed, Oct 9, 2019 at 4:49 PM Nigel Williams
> >> <nw@retrocomputingtasmania.com> wrote:
> >> > ZghOT0eRm4U9s:p/q2-q4!
> >>
> >> BTW, is that a chess move?
> >>
> >
> > Most common opening.
> >
>
> Descriptive chess notation is not as popular today as it was back in
> the 70s, but it actually makes perfect sense as Ken is a long time
> chess enthusiast.
>
> --Andy
Ken Thompson via TUHS <tuhs@minnie.tuhs.org> writes: > congrats. chapeau :) -- Leah Neukirchen <leah@vuxu.org> https://leahneukirchen.org/
Arthur Krewat <krewat@kilonet.net> writes: > I have some more out of this list, but not sure if I should send them > or not. Ken's has not been cracked - yet. I'd be curious to have the complete list. Thanks, -- Leah Neukirchen <leah@vuxu.org> https://leahneukirchen.org/
By crypt() hash: 9ycwM8mmmcp4Q:graduat; m5syt3.lB5LAE:12ucdort d9B17PTU2RTlM:561cml.. cBWEbG59spEmM:..pnn521 On 10/9/2019 8:55 AM, Leah Neukirchen wrote: > Arthur Krewat <krewat@kilonet.net> writes: > >> I have some more out of this list, but not sure if I should send them >> or not. Ken's has not been cracked - yet. > I'd be curious to have the complete list. > > Thanks,
I coulda told you that. One tends to learn passwords (inadvertently) when they're short and typed nearby often enough. (Sorry, ken.) If I remember right, the first half of this password was on a t-shirt commemorating Belle's first half-move, although its notation may have been different. Interesting though it is, though, I find this hacking distasteful. It was distasteful back when, and it still is. The attitudes around hackery have changed; the position nowadays seems to be that the bad guys are doing it so the good guys should be rewarded for doing it first. That's disingenuous at best, and dangerous at worst. -rob On Tue, Oct 8, 2019 at 7:50 PM Nigel Williams <nw@retrocomputingtasmania.com> wrote: > ken is done: > > ZghOT0eRm4U9s:p/q2-q4! > > took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s > during that time (those familiar know the hash-rate fluctuates and > slows down towards the end). >
On Wed, Oct 09, 2019 at 09:59:43AM -1000, Rob Pike wrote:
>
> Interesting though it is, though, I find this hacking distasteful. It was
> distasteful back when, and it still is. The attitudes around hackery have
> changed; the position nowadays seems to be that the bad guys are doing it
> so the good guys should be rewarded for doing it first. That's disingenuous
> at best, and dangerous at worst.
>
And not really relevant to this topic, in fact. It's not like we're
sitting around rainbow-tabling someone's Macbook. This stuff is, at
this point, of historical interest. "How many decades old must a hash
be before it's acceptable to decode it" is a valid question worth
answering, but comparing this kind of archaeology to active attack is
slightly absurd.
khm
On 10/9/2019 3:59 PM, Rob Pike wrote:
>
> Interesting though it is, though, I find this hacking distasteful. It
> was distasteful back when, and it still is. The attitudes around
> hackery have changed; the position nowadays seems to be that the bad
> guys are doing it so the good guys should be rewarded for doing it
> first. That's disingenuous at best, and dangerous at worst.
Which is why, after a point, I asked if the results were OK to post.
TBH, I ranged far and wide in my hacking back in the early 80's. I am
proud of it on the one hand, because it exposed me to systems that I
would never have had access to. And when I found huge gaping security
holes, I usually let them know. But on the other hand, well, you've
expressed the exact sentiment. My only experience with TOPS-20 and UNIX
early on was because of that.
I never went to college. In fact, I never graduated high school. But I
was hired as a consultant to do systems programming for TOPS-10 systems
by the consulting firm that ran BOCES/LIRICS in Dix Hills, NY. I was
mentored by a great guy, Bruce Maier, and using my hacking experience, I
continue to this day to try to help both my consulting customers, and
the general public whenever I can.
I'm a white-hat kinda guy ;)
art k.
On Wed, 09 Oct 2019 13:09:42 -0700 Kurt H Maier <khm@sciops.net> wrote:
> On Wed, Oct 09, 2019 at 09:59:43AM -1000, Rob Pike wrote:
> >
> > Interesting though it is, though, I find this hacking distasteful. It was
> > distasteful back when, and it still is. The attitudes around hackery have
> > changed; the position nowadays seems to be that the bad guys are doing it
> > so the good guys should be rewarded for doing it first. That's disingenuous
> > at best, and dangerous at worst.
> >
>
> And not really relevant to this topic, in fact. It's not like we're
> sitting around rainbow-tabling someone's Macbook. This stuff is, at
> this point, of historical interest. "How many decades old must a hash
> be before it's acceptable to decode it" is a valid question worth
> answering, but comparing this kind of archaeology to active attack is
> slightly absurd.
I feel more than slightly absurd asking this but is the
password ken used in 1980 of "historical interest"?
On Wed, Oct 9, 2019 at 3:05 PM Bakul Shah <bakul@bitblocks.com> wrote:
> I feel more than slightly absurd asking this but is the
> password ken used in 1980 of "historical interest"?
>
Only if he still uses it for online banking... :)
Warner
On 10/9/2019 5:09 PM, Warner Losh wrote:
> Only if he still uses it for online banking... :)
LMFAO.
It is, if nothing else, a nice example of Moore's Law.
Here's a thing on the distribution tape (at least, I assume it was; happy to be wrong here) but which was assumed to be fundamentally safe, because it was computationally infeasible to rainbow-table the hash...so why not leave your real password hash on the images you gave to the world?
40 years later, it's obviously within the reach of hobbyists spending, I presume, essentially zero dollars to do the computational work (at least, I hope no one sunk more than a few bucks on doing it).
...which is why we went to salted passwords, and shadow pw files that hid the hashes while leaving the other fields available to all users, and more secure and longer hashes than original crypt(1), quite some time ago.
In fact there's an interesting little essay about the history of that arms race up until about 33 years ago in the 1986 Unix System Manager's Manual, Section 18. It's by two guys named Morris and Thompson.
On Wed, Oct 9, 2019 at 2:16 PM Arthur Krewat <krewat@kilonet.net> wrote:
> On 10/9/2019 5:09 PM, Warner Losh wrote:
>> Only if he still uses it for online banking... :)
>
> LMFAO.
On Wed, 9 Oct 2019, Nigel Williams wrote:
> <nw@retrocomputingtasmania.com> wrote:
>> ZghOT0eRm4U9s:p/q2-q4!
>
> BTW, is that a chess move?
Looks like Queen's Gambit (remember the Chess machine?). I never did
figure out how to counter it, being a King's Gambit bod (although I'm
coming to grips with the Spanish Defence).
-- Dave
Adam Thornton wrote in <CAP2nic2g47RBxDhyvrDBSLSnd6j_bNeSfzkWhOShEFFpWMRhKA@mail.gmail.com>:
|It is, if nothing else, a nice example of Moore's Law.
|
|Here's a thing on the distribution tape (at least, I assume it was;
|happy to be wrong here) but which was assumed to be fundamentally safe,
|because it was computationally infeasible to rainbow-table the
|hash...so why not leave your real password hash on the images you gave
|to the world?
|
|40 years later, it's obviously within the reach of hobbyists spending,
|I presume, essentially zero dollars to do the computational work (at
|least, I hope no one sunk more than a few bucks on doing it).
Solar cells are costly. No, please do not say zero xy when you are using electronics. They are anything else but zero cost, not when their resources are captured, not when they or their assembly lines are built, not when they are shipped, not when they are used.
Sorry if I bug you, but this day Nobel prizes were given to people who improved batteries. Batteries are ok, but we just started the next race for rare earth and resources, instead of looking to a really sustainable future.
|...which is why we went to salted passwords, and shadow pw files that
|hid the hashes while leaving the other fields available to all users,
|and more secure and longer hashes than original crypt(1), quite
|some time ago.
|
|In fact there's an interesting little essay about the history of that
|arms race up until about 33 years ago in the 1986 Unix System Manager's
|Manual, Section 18. It's by two guys named Morris and
|Thompson.
After I have given up on being smart and started to use very long passwords, entire sentences when I have to type them,
  dd if=/dev/urandom bs=1 count=512 | LC_ALL=C tr -cd 'a-zA-Z0-9_.,=@%^+-'
otherwise, I am now in the position to nag web and other interfaces here and there which restrict password lengths to 8 or so, and/or which restrict the allowed content. Now in public.
--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
On Thu, Oct 10, 2019 at 10:04:12AM +1100, Dave Horsfall wrote:
> On Wed, 9 Oct 2019, Nigel Williams wrote:
>
> > <nw@retrocomputingtasmania.com> wrote:
> > > ZghOT0eRm4U9s:p/q2-q4!
> >
> > BTW, is that a chess move?
>
> Looks like Queen's Gambit (remember the Chess machine?). I never did figure
> out how to counter it, being a King's Gambit bod (although I'm coming to
> grips with the Spanish Defence).
>
Sorry for being pedantic, but that's just the first move in the
Queen's pawn game. Whether it might become a Queen's gambit or one of
the other hundreds of possible openings starting like that, well,
depends only on where the two players decide to go afterwards ;)
The "!" at the end indicates that the move is considered "strong", or
giving an immediate slight advantage, and is normally read aloud with
a slight grin in your face...
Being a Semi-Slav player as black, I would have probably used "!?"
instead of "!", thus providing a fairer assessment of "p/q2-q4" and
automatically keeping Ken's password safe for much longer ;P
HND
On Wed, Oct 9, 2019, 1:50 AM Nigel Williams <nw@retrocomputingtasmania.com> wrote:
> ken is done:
>
> ZghOT0eRm4U9s:p/q2-q4!
>
> took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s
> during that time (those familiar know the hash-rate fluctuates and
> slows down towards the end).
>
This feat made it The Register:
https://www.theregister.co.uk/2019/10/09/ken_thompsons_old_unix_password_cracked/
- Dan C.
Oh well. Late to the party as usual ;) (time is EST, New York)
-rw------- 1 ******** *** 23 Oct 9 06:09 cracked.node006.txt
$ cat cracked.node006.txt
ZghOT0eRm4U9s:p/q2-q4!
On 10/10/2019 4:21 AM, Dan Cross wrote:
> On Wed, Oct 9, 2019, 1:50 AM Nigel Williams
> <nw@retrocomputingtasmania.com> wrote:
>> ken is done:
>>
>> ZghOT0eRm4U9s:p/q2-q4!
>>
>> took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s
>> during that time (those familiar know the hash-rate fluctuates and
>> slows down towards the end).
>
> This feat made it The Register:
> https://www.theregister.co.uk/2019/10/09/ken_thompsons_old_unix_password_cracked/
>
> - Dan C.
Arthur Krewat <krewat@kilonet.net> writes:
> Oh well. Late to the party as usual ;) (time is EST, New York)
>
> -rw------- 1 ******** *** 23 Oct 9 06:09 cracked.node006.txt
>
> $ cat cracked.node006.txt
>
> ZghOT0eRm4U9s:p/q2-q4!
I was notified Bill Joy's password does not yet appear in any list:
bill:.2xvLVqGHJm8M:8:10:& Joy,4156424948:/usr/bill:/bin/csh
--
Leah Neukirchen <leah@vuxu.org> https://leahneukirchen.org/
I have no opinion on the password hacking (especially since Ken seemed fine with it), but this is to me distasteful. The media was alerted, and that media was of all things The Register? It's not exactly a site known for its thoughtful or balanced journalism.
-Henry
On Thu, 10 Oct 2019 at 04:22, Dan Cross <crossd@gmail.com> wrote:
> On Wed, Oct 9, 2019, 1:50 AM Nigel Williams <nw@retrocomputingtasmania.com>
> wrote:
>> ken is done:
>>
>> ZghOT0eRm4U9s:p/q2-q4!
>>
>> took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s
>> during that time (those familiar know the hash-rate fluctuates and
>> slows down towards the end).
>
> This feat made it The Register:
> https://www.theregister.co.uk/2019/10/09/ken_thompsons_old_unix_password_cracked/
>
> - Dan C.
It's here, too:
https://arstechnica.com/information-technology/2019/10/forum-cracks-the-vintage-passwords-of-ken-thompson-and-other-unix-pioneers/
On 10/10/2019 9:57 AM, Henry Bent wrote:
> I have no opinion on the password hacking (especially since Ken seemed
> fine with it), but this is to me distasteful. The media was alerted,
> and that media was of all things The Register? It's not exactly a
> site known for its thoughtful or balanced journalism.
>
> -Henry
>
> On Thu, 10 Oct 2019 at 04:22, Dan Cross <crossd@gmail.com> wrote:
>> On Wed, Oct 9, 2019, 1:50 AM Nigel Williams
>> <nw@retrocomputingtasmania.com> wrote:
>>> ken is done:
>>>
>>> ZghOT0eRm4U9s:p/q2-q4!
>>>
>>> took 4+ days on an AMD Radeon Vega64 running hashcat at about
>>> 930MH/s during that time (those familiar know the hash-rate fluctuates and
>>> slows down towards the end).
>>
>> This feat made it The Register:
>> https://www.theregister.co.uk/2019/10/09/ken_thompsons_old_unix_password_cracked/
>>
>> - Dan C.
Henry Bent <henry.r.bent@gmail.com> writes:
> I have no opinion on the password hacking (especially since Ken seemed fine
> with it), but this is to me distasteful. The media was alerted, and that
> media was of all things The Register? It's not exactly a site known for
> its thoughtful or balanced journalism.
To be fair, I wrote this up on my blog because I really enjoyed this little piece of history, and put it on lobste.rs, expecting the usual 20 regulars to like it. I did not expect the story to take off like this!
(I also declined interview questions from The Register and Ars Technica, because I don't have anything to add there and did not even find the end result.)
--
Leah Neukirchen <leah@vuxu.org> https://leahneukirchen.org/
On Wed, Oct 9, 2019 at 4:00 PM Rob Pike <robpike@gmail.com> wrote:
> Interesting though it is, though, I find this hacking distasteful. It was
> distasteful back when, and it still is. The attitudes around hackery have
> changed; the position nowadays seems to be that the bad guys are doing it
> so the good guys should be rewarded for doing it first. That's disingenuous
> at best, and dangerous at worst.
>
Amen
On 10/10/2019, Clem Cole <clemc@ccc.com> wrote:
> On Wed, Oct 9, 2019 at 4:00 PM Rob Pike <robpike@gmail.com> wrote:
>> Interesting though it is, though, I find this hacking distasteful.
[...]
> Amen
Some (large) companies regularly run password crackers on their employees' passwords and inform them if their passwords are found "insufficiently strong to protect company assets".
Good, bad, distasteful, prudent, off-topic?
N.
Randal Schwartz (https://en.wikipedia.org/wiki/Randal_L._Schwartz) got slammed with 3 felony charges (since revoked) for doing that favor for Intel. An Intel VP with a ridiculously weak password was unamused.
It's one thing to badger your employees, quite another to post old passwords in the clear in a public forum. Those old passwords may turn up in unexpected places, or reveal information that the user would prefer not to be made public now. (Shame on Ken for liking chess :-). Bad idea, and off-topic.
On Thu, Oct 10, 2019 at 4:38 PM Nemo <cym224@gmail.com> wrote:
> On 10/10/2019, Clem Cole <clemc@ccc.com> wrote:
>> On Wed, Oct 9, 2019 at 4:00 PM Rob Pike <robpike@gmail.com> wrote:
>>> Interesting though it is, though, I find this hacking distasteful.
> [...]
>> Amen
>
> Some (large) companies regularly run password crackers on their
> employees' passwords and inform them if their passwords are found
> "insufficiently strong to protect company assets".
>
> Good, bad, distasteful, prudent, off-topic?
>
> N.
On Thu, 10 Oct 2019, Henry Bent wrote:
> I have no opinion on the password hacking (especially since Ken seemed
> fine with it), but this is to me distasteful. The media was alerted,
> and that media was of all things The Register? It's not exactly a site
> known for its thoughtful or balanced journalism.
I've found The Register to be pretty OK, but what would you recommend in its place?
-- Dave
On Thu, 10 Oct 2019, Nemo wrote:
> Some (large) companies regularly run password crackers on their
> employees' passwords and inform them if their passwords are found
> "insufficiently strong to protect company assets".
An ex-employer of mine (not the reason I left) used to do just that.
> Good, bad, distasteful, prudent, off-topic?
Depends :-)
-- Dave
On 10/11/2019 2:24 AM, Dave Horsfall wrote:
> On Thu, 10 Oct 2019, Nemo wrote:
>
>> Some (large) companies regularly run password crackers on their
>> employees' passwords and inform them if their passwords are found
>> "insufficiently strong to protect company assets".
>
> An ex-employer of mine (not the reason I left) used to do just that.
>
>> Good, bad, distasteful, prudent, off-topic?
>
> Depends :-)
>
> -- Dave
And when I was an instructor and sysadmin at Pyramid, I caught a
co-worker with a SUID ksh binary named "..." hidden under his home
directory in a directory named "..." because su took too long. Yeah and
su had logging. Thank you COPS. Not that I distrusted him -- but when
you share sysadmin duties there are things that shouldn't be done.
Bill
Kurt H Maier <khm@sciops.net> once said:
> On Wed, Oct 09, 2019 at 09:59:43AM -1000, Rob Pike wrote:
> > I find this hacking distasteful. It was distasteful back when, and it
> > still is.
>
> And not really relevant to this topic, in fact.
It is relevant, in fact.
And if you're going to peck someone's password out of a hash, at least
keep your beak shut. Don't write a cock-a-hoop article that will surely
be parroted all over the net. It's foul.
Anthony
(my apologies, I sent this the other day assuming it would
be sent to the list, but instead it got sent directly to
rob pike! oops!)
I agree, but I do believe that the time itself is a mitigating
factor.
To me this is much more akin to replicating a key for a lock
that is no longer used, than anything else. It really doesn't
serve much more purpose than pure curiosity and is of historical
interest at best.
On a (slightly?) related note, it's very, very surprising to me
that this has hit news outlets. I never considered that this
would get much more than a handful of replies, let alone this
much interest.
--
- Finn
"Enough too is much not!"
On 2019-10-09 19:59, Rob Pike wrote:
> I coulda told you that. One tends to learn passwords (inadvertently)
> when they're short and typed nearby often enough. (Sorry, ken.)
>
> If I remember right, the first half of this password was on a t-shirt
> commemorating Belle's first half-move, although its notation may have
> been different.
>
> Interesting though it is, though, I find this hacking distasteful. It
> was distasteful back when, and it still is. The attitudes around
> hackery have changed; the position nowadays seems to be that the bad
> guys are doing it so the good guys should be rewarded for doing it
> first. That's disingenuous at best, and dangerous at worst.
>
> -rob
On 10/11/2019 7:46 PM, Finn O'Leary wrote:
> On a (slightly?) related note, it's very, very surprising to me
> that this has hit news outlets. I never considered that this
> would get much more than a handful of replies, let alone this
> much interest.
Nor me. Now my name, along with Leah Neukirchen's, is out there in
connection with this. I don't care about myself, but Leah may not have
wanted her name out there in relation to this.
I was out there for various other things including of all things, Ford
trucks. And I even have an IMDB entry for something I did way back in
the mid 80's.
While the white-hat hacker in me revels in the publicity, I, like you,
am somewhat taken aback by the exposure. I can't blame anyone here or
elsewhere for that. I'm just a little shell-shocked that the TUHS
mailing list has this much exposure. WHICH IS NOT A BAD THING!
Ah well... the Internet is what it is. ;)
art k.
On 10 Oct 2019 10:05 -0400, from krewat@kilonet.net (Arthur Krewat):
> It's here, too:
>
> https://arstechnica.com/information-technology/2019/10/forum-cracks-the-vintage-passwords-of-ken-thompson-and-other-unix-pioneers/
The circle is now all; it's back in the blogosphere. Though Schneier refers to these as passwords of "early Internet pioneers".
https://www.schneier.com/blog/archives/2019/10/cracking_the_pa.html
--
Michael Kjörling • https://michael.kjorling.se • michael@kjorling.se
“The most dangerous thought that you can have as a creative person is to think you know what you’re doing.” (Bret Victor)
This has been solved.
First attempt was a full 8-character upper/lower/numeric brute force
which took over 6 days and failed.
Second attempt was lower-case with control characters, and succeeded in
around 40 minutes.
There's a control character in it ;)
Because of the outpouring of negativity about these disclosures, I am
reluctant to post the actual password without the user's consent, since
he's still alive. If anyone knows Bill, and can contact him, please ask
for permission.
This was done on three nodes of a Dell HPC cluster, each node containing
two Tesla V100 nVidia GPU cards, for a total of 30720 CUDA cores.
Session..........: hashcat
Status...........: Running
Hash.Type........: descrypt, DES (Unix), Traditional DES
Hash.Target......: .2xvLVqGHJm8M
Time.Started.....: Fri Oct 18 06:53:25 2019 (40 mins, 1 sec)
Time.Estimated...: Fri Oct 18 08:06:55 2019 (33 mins, 29 secs)
Guess.Mask.......: ?1?1?1?1?1?1?1?1 [8]
Guess.Charset....: -1 lowernonprint.hcchr, -2 Undefined, -3 Undefined,
-4 Undefined
Guess.Queue......: 1/1 (100.00%)
Speed.#2.........: 1666.0 MH/s (401.65ms) @ Accel:32 Loops:1024 Thr:256
Vec:1
Speed.#3.........: 1663.7 MH/s (402.23ms) @ Accel:32 Loops:1024 Thr:256
Vec:1
Speed.#*.........: 3329.7 MH/s
Recovered........: 0/1 (0.00%) Digests, 0/1 (0.00%) Salts
Progress.........: 22674229475111/29366087151182 (77.21%)
Rejected.........: 0/22674229475111 (0.00%)
Restore.Point....: 108847949/714924299 (15.23%)
Restore.Sub.#2...: Salt:0 Amplifier:147456-148480 Iteration:0-1024
Restore.Sub.#3...: Salt:0 Amplifier:134144-135168 Iteration:0-1024
Candidates.#2....: $HEX[6e7010627170696d] -> $HEX[076710740f150509]
Candidates.#3....: $HEX[0a1f676c0f150509] -> $HEX[1f710c1979060809]
Hardware.Mon.#2..: Temp: 61c Util:100% Core:1380MHz Mem: 877MHz Bus:16
Hardware.Mon.#3..: Temp: 57c Util:100% Core:1380MHz Mem: 877MHz Bus:16
On 10/10/2019 8:07 AM, Leah Neukirchen wrote:
> Arthur Krewat <krewat@kilonet.net> writes:
>
>> Oh well. Late to the party as usual ;) (time is EST, New York)
>>
>> -rw------- 1 ******** *** 23 Oct 9 06:09 cracked.node006.txt
>>
>> $ cat cracked.node006.txt
>>
>> ZghOT0eRm4U9s:p/q2-q4!
> I was notified Bill Joy's password does not yet appear in any list:
>
> bill:.2xvLVqGHJm8M:8:10:& Joy,4156424948:/usr/bill:/bin/csh
>
On Fri, Oct 18, 2019 at 6:35 AM Arthur Krewat <krewat@kilonet.net> wrote:
> This has been solved.
>
> First attempt was a full 8-character upper/lower/numeric brute force
> which took over 6 days and failed.
>
> Second attempt was lower-case with control characters, and succeeded in
> around 40 minutes.
>
> There's a control character in it ;)
>
I'd long suspected that someone would have done this; it would be a great way to expand the total keyspace, and extend the life of
But given Ken's seminal work in password stretching and keyspace analysis, I always suspected that it was ken, not bill. In 2015, I was intrigued by the idea that he'd left a little puzzle in a hash that he knew would be publicly available. I even went so far as to construct a small FPGA cluster in pursuit of that theory:
https://www.techsolvency.com/passwords/ztex/
What originally caught my attention was the logic behind enforcing password quality in passwd.c during a specific era of BSD code, which exited ambiguously in a double negative of sorts, where control characters were not disallowed during password entry. (I'll try to dig up the source.)
Anyway, I must have made an error in my original work in 2015, in which I found both of ken's:
https://twitter.com/TychoTithonus/status/1182181560264491008
... but managed to miss bill's entirely, thinking that it had already been cracked. In the superset of all CSRG-published distros, there are slightly more than 1400 total hashes, and one of bill's appears to have been lost in the shuffle (the other was trivial).
So some hearty (and bittersweet!) kudos for solving this puzzle! It is what drove me into password auditing as a passion (and profession).
Royce
--
Royce Williams
Tech Solvency
On Fri, Oct 18, 2019 at 7:01 AM Royce Williams <royce@techsolvency.com> wrote:
> On Fri, Oct 18, 2019 at 6:35 AM Arthur Krewat <krewat@kilonet.net> wrote:
>
>> There's a control character in it ;)
>>
>
> I'd long suspected that someone would have done this; it would be a great
> way to expand the total keyspace, and extend the life of
>
Er, "[...] extend the life of descrypt as a hashing algorithm". :)
Royce
--
Royce Williams
Tech Solvency
On Fri, Oct 18, 2019 at 7:01 AM Royce Williams <royce@techsolvency.com> wrote:
> What originally caught my attention was the logic behind enforcing password quality in passwd.c during a specific era of BSD code, which exited ambiguously in a double negative of sorts, where control characters were not disallowed during password entry. (I'll try to dig up the source.)
Specifically, see the eras in which passwd.c looked something like this:
https://github.com/dank101/4.2BSD/blob/708b3890ac0c2f034f2840b5ee9125b3c83a05bc/bin/passwd.c#L69-L107
    while (c = *p++) {
        if (c >= 'a' && c <= 'z')
            flags |= 2;
        else if (c >= 'A' && c <= 'Z')
            flags |= 4;
        else if (c >= '0' && c <= '9')
            flags |= 1;
        else
            flags |= 8;
    }
    if (flags >= 7 && pwlen >= 4)
        ok = 1;
I was intrigued that the "special characters" character set was defined negatively, such that control characters would also count.
Royce
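As an added illustration (not code from 4.2BSD or from any poster), the classification loop quoted above reimplemented as a function, next to a hypothetical stricter variant that refuses control characters instead of crediting them as "special"; both are run over constructed sample passwords. Note that because bit 8 alone already satisfies flags >= 7, a four-byte string made purely of control characters passes the original check.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Class bits, with the same values as in the quoted 4.2BSD passwd.c loop. */
#define PW_DIGIT 1
#define PW_LOWER 2
#define PW_UPPER 4
#define PW_OTHER 8

/* Reproduction of the quoted loop: any byte that is not an ASCII letter or
 * digit, control characters and high bytes included, sets the "other" bit. */
int bsd42_classify(const char *p)
{
    int flags = 0, c;
    while ((c = (unsigned char)*p++) != 0) {
        if (c >= 'a' && c <= 'z')
            flags |= PW_LOWER;
        else if (c >= 'A' && c <= 'Z')
            flags |= PW_UPPER;
        else if (c >= '0' && c <= '9')
            flags |= PW_DIGIT;
        else
            flags |= PW_OTHER;
    }
    return flags;
}

/* The quoted acceptance test. flags >= 7 holds either when all three
 * alphanumeric classes are present (1|2|4 == 7) or whenever bit 8 is set,
 * so a single control character is enough to pass the class test. */
int bsd42_ok(const char *pw)
{
    return bsd42_classify(pw) >= 7 && strlen(pw) >= 4;
}

/* Hypothetical stricter variant (not from any BSD release): a control
 * character or non-ASCII byte is rejected outright rather than counted,
 * so "special" means printable punctuation or space only. */
int strict_ok(const char *pw)
{
    int flags = 0, c;
    const char *p = pw;
    while ((c = (unsigned char)*p++) != 0) {
        if (c >= 0x80 || !isprint(c))
            return 0;                 /* non-printable: reject */
        if (islower(c))
            flags |= PW_LOWER;
        else if (isupper(c))
            flags |= PW_UPPER;
        else if (isdigit(c))
            flags |= PW_DIGIT;
        else
            flags |= PW_OTHER;        /* printable punctuation */
    }
    return flags >= 7 && strlen(pw) >= 4;
}

int main(void)
{
    /* Constructed samples, not taken from any real passwd file.
     * Octal escapes are used so that "\001" is not swallowed by the
     * following hex-looking letters. */
    const char *samples[] = {
        "abcd",               /* lowercase only: both reject            */
        "Ab1d",               /* upper+lower+digit: both accept         */
        "ab!cd",              /* printable punctuation: both accept     */
        "ab\001cd",           /* control char: 4.2BSD accepts, strict rejects */
        "\001\002\003\004",   /* only control chars: 4.2BSD still accepts */
        "ab!",                /* too short: both reject                 */
    };
    size_t n = sizeof samples / sizeof samples[0];
    for (size_t i = 0; i < n; i++)
        printf("sample %zu: flags=%2d  4.2BSD ok=%d  strict ok=%d\n",
               i, bsd42_classify(samples[i]),
               bsd42_ok(samples[i]), strict_ok(samples[i]));
    return 0;
}
```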
Related story. A user came to us with a problem while we were in our computer room. We asked him to log in at the VAX console, so we could look into the problem. Moments later, dozens of users flooded in, asking what had happened. Seems the first user had a CTRL-P in his password, which, when entered at the console, triggered the VAX to pause.
On Fri, Oct 18, 2019 at 2:34 PM Royce Williams <royce@techsolvency.com> wrote:
> On Fri, Oct 18, 2019 at 7:01 AM Royce Williams <royce@techsolvency.com>
> wrote:
>
>> What originally caught my attention was the logic behind enforcing
>> password quality in passwd.c during a specific era of BSD code, which
>> exited ambiguously in a double negative of sorts, where control characters
>> were not disallowed during password entry. (I'll try to dig up the source.)
>
> Specifically, see the eras in which passwd.c looked something like this:
>
> https://github.com/dank101/4.2BSD/blob/708b3890ac0c2f034f2840b5ee9125b3c83a05bc/bin/passwd.c#L69-L107
>
>     while (c = *p++) {
>         if (c >= 'a' && c <= 'z')
>             flags |= 2;
>         else if (c >= 'A' && c <= 'Z')
>             flags |= 4;
>         else if (c >= '0' && c <= '9')
>             flags |= 1;
>         else
>             flags |= 8;
>     }
>     if (flags >= 7 && pwlen >= 4)
>         ok = 1;
>
> I was intrigued that the "special characters" character set was
> defined negatively, such that control characters would also count.
>
> Royce
I'm amused (in a good way) that this thread persists, and without becoming boring.
Speaking as someone who was Ken's sysadmin for six years, I find it hard to get upset over someone cracking a password hash that has been out in the open for decades, using an algorithm that became pragmatically unsafe slightly fewer decades ago. It really shouldn't be in use anywhere any more anyway. Were I still Ken's sysadmin I'd have leaned on him to change it long ago.
So far as I know, my password from that era didn't escape the Labs, but nevertheless I abandoned it long ago--when I left the Labs myself, in fact. I do have one password that has been unchanged since the mid-1990s and is stored in heritage hash on a few computers that don't even have /etc/shadow, but those are not public systems. And it's probably time I changed it anyway.
None of this is to excuse the creeps who steal passwords these days, nor to promote complacency. At the place I now work we had a possible /etc/shadow exposure some years back, and we reacted by pushing everyone to change their passwords and also by taking various measures to keep even the hashes better-hidden. But there is, or should be, a difference between a password that is still in use and one that was exposed so long ago, and in what is now so trivial an algorithm, that it is no more than a puzzle for fans of the old-fart days.
Norman Wilson
Toronto ON
On Sat, Oct 19, 2019 at 09:45:30AM -0400, Norman Wilson wrote:
> I'm amused (in a good way) that this thread persists, and
> without becoming boring.
>
> Speaking as someone who was Ken's sysadmin for six years,
> I find it hard to get upset over someone cracking a password
> hash that has been out in the open for decades, using an
> algorithm that became pragmatically unsafe slightly fewer
> decades ago. It really shouldn't be in use anywhere any
> more anyway. Were I still Ken's sysadmin I'd have leaned
> on him to change it long ago.
I have a disk from one of Melbourne Uni's old Alpha servers from back in the
1990's and the passwd file is a who's who of staff, but I could only crack 3
of the students' passwords. The system is interesting in other ways, it's a
snapshot of the old oz.au network.
--
I love deadlines. I love the whooshing noise as they fly by.
On 10/19/2019 4:27 PM, ewe2 wrote:
> On Sat, Oct 19, 2019 at 09:45:30AM -0400, Norman Wilson wrote:
>> I'm amused (in a good way) that this thread persists, and
>> without becoming boring.
>>
>> Speaking as someone who was Ken's sysadmin for six years,
>> I find it hard to get upset over someone cracking a password
>> hash that has been out in the open for decades, using an
>> algorithm that became pragmatically unsafe slightly fewer
>> decades ago. It really shouldn't be in use anywhere any
>> more anyway. Were I still Ken's sysadmin I'd have leaned
>> on him to change it long ago.
>
> I have a disk from one of Melbourne Uni's old Alpha servers from back in the
> 1990's and the passwd file is a who's who of staff, but I could only crack 3
> of the student's passwords. The system is interesting in other ways, it's a
> snapshot of the old oz.au network.
>
Contact me off list ;)
art k.