29 Dec
2017
29 Dec
'17
5:22 p.m.
On 19 Dec 2017, at 21:17, Derek Fawcus <dfawcus+lists-tuhs(a)employees.org> wrote:
On Tue, Dec 19, 2017 at 12:08:21PM +1100, Dave Horsfall wrote:
Well, we all ran Alec’s crack for fun & profit (and some to land themselves in
trouble)… I think that doesn’t really qualify as a hack per-se, just a technique which
used to work easily and now requires a little bit more computing power (OK, a lot more as
the hashing of passwords has become rather more serious).
Personally I feel that if we go down the password route then, besides the “easy”
brute-forcing of old /etc/passwd files, we have to include the LANMAN password hashes but,
again, of historical interest definitely but not sure it can be turned into an article
unless someone manages to write it all the way to the latest oopsies like Linux’s systemd
and usernames starting with a digit or Apple’s 10.13 “be root with a simple Enter”. I
guess one could write it from the point of view of looking at the bad decisions, their
implications and the bugs which made even bad decisions look almost good.
Arrigo
Leaving a "login" simulator on a terminal (quite common).
Well if you include that one, you may want to include the simple
brute force testing of passwords against /etc/passwd
(before shadow files existed). The login name and real names
(direct or reversed) would tend to get at least one hit.