View Full Version : Password file
09-22-2004, 05:48 PM
Hey where is the password file for 10.3.5. /etc/passwd does not seem to contain my passwords and there is no /etc/shadow file?
09-23-2004, 12:05 AM
Everything is stored in the Netinfo database. Applications -> Utilities -> Netinfo Manager Go to users and you'll be able to "see" the password there.
09-23-2004, 04:08 AM
Netinfo manager does not show me the hash it simply says ;ShadowHash;
while I can't think of any reason someone would legitamately want to do this besides why I did it (a corse in computer security) or maybe you forgot your password and lost you cd and you key board busted, I suppose you could write a scirpt to automate this for migrating a system....
My assignment was to run john the ripper on a passwd file either from a windows box or unix box, long story short the password hashes are hidden by OS X and are not in a /etc/passwd file or in a /etc/shadow file the passwd file looks like this:
www:*:70:70:World Wide Web Server:/Library/WebServer:/noshell
sshd:*:75:75:sshd Privilege separation:/var/empty:/noshell
Where a single star means disabled and multiple stars means the hash is hidden by OS X. The hases are actually kept in the
/var/db/shadow/hash directory (/private/var/db/shadow/hash)
Under the generateduid of each user as the file name, there is the hash for the user.
I'll do this by hand and leave it up to you to automate it:
in the application go to users/user_name/
copy down the generateduid
type in your root password
copy the text it spits out
or use vi or what ever editor you want
replace the ******* with the first 32 characters of the hash you copied
then hit semi colon and put in the next 32 digits of that bunch of stuff you
copied from /var/db/shadow/hash
Stuff you copied from /var/db/shadow/hash
make sure its all on one line though
will do thanks,
Oh and any and all created for this should go to one dimbulb
be careful with that. if i read correctly its not and md5 or sha1 hash. its the NTLM hash that is used for samba. and its very weak. the part you discarded is the sha1 hash.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.