[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] How do we shadow these passwords?

Subject: [cobalt-security] How do we shadow these passwords?
From: Rod Todd <rodd_todd_1999@xxxxxxxxx>
Date: Thu, 5 Oct 2000 08:27:30 -0700 (PDT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello, we need to find a way to shadow these passwords
we think.
When we do this : vi /etc/htpasswd

We receive this:

admin:3HbEKpCib5w8c
HOME:*
Greg:ZpEHawEPyAfQc
mitch:fL/M22A4/gbJ6
snax:98Ss4LdDcCPIw
bob:T3BWT9JW0GbF.
support:iF/8NUOzAe6og
johnny:K8a9B9b902P/k
harry:oECTlev52ykKk
esupport:K9NtmtaRV0kIk
coolio:z86Z.gvt1cOB2
validation:9z1nQce4QCsX6
info:mcJ1A1w.sRjXI
sales:0xcNvMx0J8Ze2
pr:jrIiXwm7GO3Hc
ceo:ZiAs4sdXXp6cs
cfo:cKrXF0/9RP/0I
admin.staff:qWxEjZYJurSOM
joe:AWYRapFeaEgx.
bobby:Axb843DCwgDhQ
sam:6zcuB/8MJqZ76
sally:fkLs/0pe7roT2
george:AiEpFsf9lXFmc
jim:3XTLonGzlSZlY
bobo:sj.APoPhqEmfg
larry:lKdHCu4TqzF6.
della:e0SIbGCAgqDzg
sammy:V0HIVLYSvLrrE
david:IHm.VZ/rOQOdY
happy:pCPDrfNPlUIds
henry:OMfidHmsu.PDM
joey:rq0ZsbcDiWckI
will:moSogH5pBn/Nk
geo:pawLpohw4FQos
al:fpvgkoeyHwCU2
ho:68FNKkdlA/IK2


When we do this : vi /etc/htpasswd.OLD

We get this:

admin:n4xe2tZ/8r6Gg
HOME:*

When we do this: vi /etc/passwd

We receive this:

root:3HbEKpCib5w8c:0:0:Root:/root:/bin/sh
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/adm:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:
news:x:9:13:news:/var/spool/news:
uucp:x:10:14:uucp:/var/spool/uucp:
operator:x:11:0:operator:/root:
games:x:12:100:games:/usr/games:
gopher:x:13:30:gopher:/usr/lib/gopher-data:
ftp:x:14:50:FTP User:/home/ftp:
httpd:x:15:11:httpd:/home/httpd:
squid:x:16:16:Squid Cache:/home/squid:
nobody:x:99:99:Nobody:/:
admin:3HbEKpCib5w8c:110:100:greenLine:/home/users/admin:/bin/bash
HOME:x:111:100:home anonymous FTP
user:/home/groups/home/ftp:/bin/bash
jeo:ZpEHawEPyAfQc:118:100:R:/home/users/jeo:/bin/bash
mitch:fL/M22A4/gbJ6:119:100:Mitch:/home/users/mitch:/bin/bash
snax:98Ss4LdDcCPIw:120:100:snax:/home/users/snax:/bin/bash
bob:T3BWT9JW0GbF.:121:100:bob:/home/users/bob:/bin/bash
support:iF/8NUOzAe6og:122:100:
Support:/home/users/support:/bin/bash
johnny:K8a9B9b902P/k:123:100:johnny:/home/users/johnny:/bin/bash
harry:oECTlev52ykKk:124:100:harry:/home/users/harry:/bin/bash


When we do this: vi /etc/passwd-

We receive this:

root:O0EaLbg8orLgM:0:0:Root:/root:/bin/sh
bin:*:1:1:bin:/bin:
daemon:*:2:2:daemon:/sbin:
adm:*:3:4:adm:/var/adm:
lp:*:4:7:lp:/var/spool/lpd:
sync:*:5:0:sync:/sbin:/bin/sync
shutdown:*:6:0:shutdown:/sbin:/sbin/shutdown
halt:*:7:0:halt:/sbin:/sbin/halt
mail:*:8:12:mail:/var/spool/mail:
news:*:9:13:news:/var/spool/news:
uucp:*:10:14:uucp:/var/spool/uucp:
operator:*:11:0:operator:/root:
games:*:12:100:games:/usr/games:
gopher:*:13:30:gopher:/usr/lib/gopher-data:
ftp:*:14:50:FTP User:/home/ftp:
httpd:*:15:11:httpd:/home/httpd:
squid:*:16:16:Squid Cache:/home/squid:
nobody:*:99:99:Nobody:/:
admin:O0EaLbg8orLgM:110:100:greenLine:/home/users/admin:/bin/bash
HOME:*:111:100:home anonymous FTP
user:/home/groups/home/ftp:/bin/bash
chip:hmiXv.Vh2MtMQ:500:500::/home/chip:/bin/bash


When we do this : vi /etc/passwd.master

We receive this:

root:JBhhWODYfbRvY:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:
daemon:*:2:2:daemon:/sbin:
adm:*:3:4:adm:/var/adm:
lp:*:4:7:lp:/var/spool/lpd:
sync:*:5:0:sync:/sbin:/bin/sync
shutdown:*:6:0:shutdown:/sbin:/sbin/shutdown
halt:*:7:0:halt:/sbin:/sbin/halt
mail:*:8:12:mail:/var/spool/mail:
news:*:9:13:news:/var/spool/news:
uucp:*:10:14:uucp:/var/spool/uucp:
operator:*:11:0:operator:/root:
games:*:12:100:games:/usr/games:
gopher:*:13:30:gopher:/usr/lib/gopher-data:
ftp:*:14:50:FTP User:/home/ftp:
httpd:*:15:11:httpd:/home/httpd:
squid:*:16:16:Squid Cache:/home/squid:
nobody:*:99:99:Nobody:/:

We we do this: vi /etc/passwd.OLD

We receive this : 

root:x:0:0:Root:/root:/bin/sh
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/adm:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:
news:x:9:13:news:/var/spool/news:
uucp:x:10:14:uucp:/var/spool/uucp:
operator:x:11:0:operator:/root:
games:x:12:100:games:/usr/games:
gopher:x:13:30:gopher:/usr/lib/gopher-data:
ftp:x:14:50:FTP User:/home/ftp:
httpd:x:15:11:httpd:/home/httpd:
squid:x:16:16:Squid Cache:/home/squid:
nobody:x:99:99:Nobody:/:
admin:x:110:100:greenLine:/home/users/admin:/bin/bash
HOME:x:111:100:home anonymous FTP
user:/home/groups/home/ftp:/bin/bash
chip:x:500:500::/home/chip:/bin/bash

When we do this: vi /etc/smbpasswd

We receive this:

# This is Samba's encrypted password file
# It stores LANMAN and NT password hashes
# This file *must* be mode 0600
admin:110:C96EA9AD38D6AEA506A12F6F9D41898F:65E381D3A0B9492D3BBF60482FDACE84:greenLine:/home/users/admin:/bin/bash
.....

Also, we can not su - from admin with the GUI admin
password; nor can we SSH in with the root/admin
passwords.  Any clues?
Warm Regards,
RT





__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

Follow-Ups:
- Re: [cobalt-security] How do we shadow these passwords?
  - From: Mark Baker - Cobalt Lists
- Re: [cobalt-security] How do we shadow these passwords?
  - From: Peter Low
- Re: [cobalt-security] How do we shadow these passwords?
  - From: Gossi The Dog

Prev by Date: Re[2]: [cobalt-security] NEW UPDATE: All System 3.0.2-6449
Next by Date: Re: Re[2]: [cobalt-security] NEW UPDATE: All System 3.0.2-6449
Previous by thread: Re[2]: [cobalt-security] Did anybody install...
Next by thread: Re: [cobalt-security] How do we shadow these passwords?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index