How to Audit Unix Passwords

To audit Unix passwords, you must compare each encrypted password in the Unix password file with a set of potential encrypted passwords. These potential encrypted passwords are created by encrypting every password in a list of plaintext passwords. This is an example of a dictionary attack.

The Unix passwd File Location

The traditional location for the Unix password file was /etc/passwd.

Unix password file format

An entry in the Unix password file consists of seven colon delimited fields:

Username

Encrypted Unix password (And optional password aging data)

User number

Group Number

GECOS Information

Home directory

Shell

Sample entry from /etc/passwd:

will:5fg63fhD3d5gh:9406:12:Will Spencer:/home/will:/bin/bash

Broken down, this passwd file line shows:

Username	will
Encrypted Unix password	5fg63fhD3d5gh
User number	9406
Group Number	12
GECOS Information	Will Spencer
Home directory	/home/will
Shell	/bin/bash

Auditing Unix passwords

Contrary to popular belief, Unix passwords cannot be decrypted. Unix passwords are encrypted with a one way function. The login program accepts the text you enter at the “Password:” prompt and then runs it through a cryptographic algorithm. The results of that algorithm are then compared against the encrypted form of your Unix password stored in the password file.

On a more technical level, the password that you enter is used as a key to encrypt a 64-bit block of NULLs. The first seven bits of each character are extracted to form a 56-bit key. This means that only eight characters are significant in a standard Unix password. The E-table is then modified using the salt, which is a 12-bit value, coerced into the first two chars of the stored password. The salt’s purpose is to make precompiled password lists and DES hardware chips more time consuming to use. DES is then invoked for 25 iterations. The 64-bit output block and is then coerced into a 64-character alphabet (A-Z,a-z,”.”,”/”). This involves translations in which several different values are represented by the same character, which is why Unix passwords cannot be decrypted.

Unix password auditing software uses wordlists to implement a dictionary attack. Each word in the wordlist is encrypted using the algorithm described above and the salts from the password file. The results are then compared to the encrypted form of the target password.

To audit Unix passwords under Unix or DOS/Windows, try John the Ripper. For the Macintosh, try Killer Cracker or Mac Krack.

Password Shadowing

Password shadowing is a security system where the encrypted password field of /etc/passwd is replaced with a special token and the encrypted password is stored in a separate file (or files) which is not readable
by normal system users.

The getpwent() Unix Password Shadowing Vulnerability

On older Unix systems, password shadowing was often defeated by using a program that made successive calls to getpwent() to obtain the entire password file. Modern Unix systems are not susceptible to this attack.

Example:

#include <pwd.h>
main()
{
struct passwd *p;
while(p=getpwent())
printf("%s:%s:%d:%d:%s:%s:%sn", p->pw_name, p->pw_passwd,
p->pw_uid, p->pw_gid, p->pw_gecos, p->pw_dir, p->pw_shell);
}

Unix Password Shadowing on Various Unix Implementations

Some Unix password shadowing schemes store the shadowed passwords in a single file, while others utilize a hierarchy of multiple files.

Token is the text placed in the second field the /etc/passwd file.