I remember cracking the password from a Windows system in high school. There was a centralized login mechanism using Novell but everything was cached locally. So you could boot a Linux CD and copy the password file to a memory stick, and crack at home. I think I used L0phtCrack? The head admin account for the entire school district (basically root) had the password “north”. It took like a fraction of a second to crack. It was so simple that for weeks I didn’t even believe it to be true, and didn’t realize the name of the account was an admin.<p>I was expelled a few months later for all the fun I had after discovering this. Good times.
Ken Thompson:<p>> congrats.<p><a href="https://inbox.vuxu.org/tuhs/CAG=a+rj8VcXjS-ftaj8P2_duLFSUpmNgB4-dYwnTsY_8g5WdEA@mail.gmail.com/" rel="nofollow">https://inbox.vuxu.org/tuhs/CAG=a+rj8VcXjS-ftaj8P2_duLFSUpmN...</a>
I'm shocked at how well the old hashing stood up; sure, it's totally crackable today, but a well-picked password <i>still</i> took 4+ days to crack on modern hardware, which is remarkable. (Granted, it doesn't sound like they did anything fancy like throwing a hundred cloud instances at it or something; I'm not saying you should use DES today:) )
I had a password for an old school system (which I wrote) that was "any 21 characters where the 21st character is a 'z'". People would watch me type it (mashing 20 keys then the 'z') and be amazed I could remember a password that long.
>Since the DES-based crypt(3) algorithm used for these hashes is well known to be weak (and limited to at most 8 letters)<p>>ZghOT0eRm4U9s:p/q2-q4!<p>How is that 8 letters?
If anyone is curious, the equivalent in modern notation is “1. d4!”. Moving the pawn in front of the queen forward by two spaces. The exclamation point indicates that the annotater believes it to be a particularly strong move (describing a standard move from opening theory that way is a bit tongue-in-cheek).
Right after finishing Electronics vocational school I spent the next year working as an intern at Unicamp (Campinas University in Brazil). The job was at the computer lab of the School of Electrical and Computer Engineering[1]. This was before ethernet (yeah, I'm that old), so dumb terminals were linked to the CPUs through RS-232 cables[2] - when I was not burning my fingertips soldering DB-25 connectors I was tinkering with every computer I could get my hands on.<p>I saw /etc/passwd and asked my boss how to decrypt the passwords. He told me it was a one-way encryption, so the login program would just encrypt the password you provided and compare it to the encrypted value. He went on explaining the old crypt algorithm and even made a bet I could not guess his password. He said it was related to a movie.<p>So at 17 I was hooked and started studying the sources. In the end I just patched and recompiled the passwd binary to store clear text passwords in a hidden file. Later I learned this was called a trojan horse.<p>And even now, 30 years later, I remember his face when I told him the movie was Citizen Kane and his password was "rosebud".<p>Thank you Miguel and Gorgonio for teaching me about C and Unix! This knowledge paid my rent for 3 decades and I still love the job.<p>[1] <a href="http://www.internationaloffice.unicamp.br/english/teaching/graduate/school-electrical-computer-engineering/" rel="nofollow">http://www.internationaloffice.unicamp.br/english/teaching/g...</a><p>[2] <a href="https://en.wikipedia.org/wiki/RS-232" rel="nofollow">https://en.wikipedia.org/wiki/RS-232</a>
One lone password from the original list, Bill Joy's password, is still uncracked as far as I can tell. Bill Joy is the co-founder of Sun Microsystems, author of vi, and a key developer of BSD UNIX. He apparently picked the best password.<p>Here's the /etc/passwd entry:<p><pre><code> bill:.2xvLVqGHJm8M:8:10:& Joy,4156424948:/usr/bill:/bin/csh</code></pre>
ZghOT0eRm4U9s is actually the newer one; the older one is from 2.9BSD through to 4.3BSD<p><a href="https://www.openwall.com/presentations/Passwords12-The-Future-Of-Hashing/mgp00011.txt" rel="nofollow">https://www.openwall.com/presentations/Passwords12-The-Futur...</a><p>sq5UDrPlKj1nA<p>Seeing this news, I guessed this one on my second guess (after trying p/q2-q4!) - no brute forcing required!<p>p/k2-k4!
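Two questions in this thread (how a 13-character string like ZghOT0eRm4U9s squares with an "8 letters" limit, and what the older sq5UDrPlKj1nA has in common with it) both come down to the fixed framing of traditional crypt(3). The following is an added illustration, not code from the article or from any commenter: it implements the key packing, salt decoding, output decoding and salt-perturbed E-box of the classic V7 algorithm, but deliberately not the DES rounds themselves, so it needs no crypt library and never computes a hash. The two hashes it is run on are the ones quoted above; the function names are mine.

```python
"""Anatomy of a 13-character DES crypt(3) string such as ZghOT0eRm4U9s.

Added example: the framing of classic Unix crypt(3) (key packing, salt,
output encoding, salt-perturbed E-box) without the DES rounds themselves.
"""

# crypt(3)'s own 64-symbol alphabet. Note it is not standard base64.
CRYPT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# Standard DES expansion (E-box) table: 48 entries selecting input bits 1..32.
E_TABLE = [
    32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9,
    8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17,
    16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25,
    24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1,
]


def des_key_from_password(password):
    """Pack a password into the 8-byte DES key exactly as crypt(3) does.

    Only the first 8 characters survive; anything after them is discarded,
    which is why "p/q2-q4!" is already a full-length password. Shorter
    passwords are NUL padded. Each byte is shifted left by one so its 7 ASCII
    bits land in the 7 key bits DES uses per byte (the low bit is the unused
    parity bit), which is also why the 8th bit of every character is lost.
    """
    raw = password.encode("latin-1")[:8].ljust(8, b"\x00")
    return bytes((c << 1) & 0xFF for c in raw)


def parse_traditional_hash(stored):
    """Split a crypt(3) string into (salt_text, salt_value, ciphertext).

    Characters 0-1 are the salt: 12 bits, first character = low 6 bits.
    Characters 2-12 are the DES output: 11 symbols of 6 bits = 66 bits,
    most significant first, of which the last two are always zero padding.
    """
    if len(stored) != 13 or any(c not in CRYPT_ALPHABET for c in stored):
        raise ValueError("not a traditional DES crypt(3) hash")
    idx = CRYPT_ALPHABET.index
    salt_value = idx(stored[0]) | (idx(stored[1]) << 6)
    bits = 0
    for c in stored[2:]:
        bits = (bits << 6) | idx(c)
    if bits & 0b11:
        raise ValueError("low two bits of the encoded block must be zero")
    return stored[:2], salt_value, bits >> 2


def salted_expansion_table(salt_value):
    """Return the E-box after crypt(3)'s salt perturbation.

    For salt character i (0 or 1), each set bit j swaps E[6*i + j] with
    E[6*i + j + 24]. This is what the salt is for: it turns one DES into
    4096 slightly different ciphers so that stock DES hardware of the day
    could not be pointed straight at a password file.
    """
    e = list(E_TABLE)
    for i in range(2):
        c = (salt_value >> (6 * i)) & 0x3F
        for j in range(6):
            if (c >> j) & 1:
                a, b = 6 * i + j, 6 * i + j + 24
                e[a], e[b] = e[b], e[a]
    return e


if __name__ == "__main__":
    for h in ("ZghOT0eRm4U9s", "sq5UDrPlKj1nA"):  # the two hashes quoted in the thread
        salt, value, ct = parse_traditional_hash(h)
        print(h, "salt", salt, value, "ciphertext", hex(ct))
    print(des_key_from_password("p/q2-q4!") == des_key_from_password("p/q2-q4!extra"))
```

The 8-character limit is visible in des_key_from_password: bytes after the eighth never reach the key, so anything typed after "p/q2-q4!" is silently ignored, and the 13 characters of the stored string are 2 salt symbols plus 11 symbols of DES output, not 13 characters of password. The 12-bit salt only shuffles the E-box, so it does not lengthen the search; it just multiplies the number of distinct ciphers a precomputation would need to cover by 4096.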
Did anyone bother to ask Ken’s permission first before publishing his password on the public internet? Based on his reaction he clearly didn’t mind, but still!
This brings back memories of a common exploit w/tftp, such that you could download an unshadowed /etc/passwd file from a remote machine, decrypt it, log into that remote system, collect new hosts from /etc/hosts, then rinse and repeat. Hash rates were pretty slow back then, but the fact that people used passwds straight out of dictionaries helped, so I'm told...
I deduced my dad's password when I was a middle-schooler. The uni micro had a teletype and although it did not echo password characters, if you mistyped your password, it would print the mistyped password, and knowing a bit about my dad, I could figure out what the correct password was. I logged in and sent him an email reminding him to use a better password.
> (those familiar know the hash-rate fluctuates and slows down towards the end)<p>Could someone explain this to me, why does it slow down towards the end?
Queen's pawn game:<p><a href="https://en.wikipedia.org/wiki/Queen%27s_Pawn_Game" rel="nofollow">https://en.wikipedia.org/wiki/Queen%27s_Pawn_Game</a><p>[edit] See also "Ken, Unix and Games" by Dennis Ritchie:<p><a href="https://www.bell-labs.com/usr/dmr/www/ken-games.html" rel="nofollow">https://www.bell-labs.com/usr/dmr/www/ken-games.html</a>
I once anonymously emailed administrators of a multiuser unix system that perhaps they should handle the numerous users that had home directories and .bashrc files that were both writable by everyone. After a week I had the users themselves email when they logged in. It was fixed that day.
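The situation in the comment above (home directories and .bashrc files writable by everyone, so any local user can plant commands that run as the victim at next login) is a cheap thing to audit for. This is an added example, not the commenter's script: it walks a /home-style tree and reports world-writable homes and shell start-up files. The directory layout it checks is a constructed fixture built in a temporary directory so the example runs offline; the rc-file list is my choice of the usual suspects.

```python
"""Audit home directories for world-writable homes and shell rc files.

Added example: the fixture directory below is constructed, not a real /home.
"""
import os
import shutil
import stat
import tempfile

# Shell start-up files that execute on login. A world-writable one lets any
# local user append commands that run with the owner's privileges.
RC_FILES = (".bashrc", ".bash_profile", ".profile", ".cshrc", ".login", ".zshrc")


def _world_writable(path):
    st = os.lstat(path)
    return not stat.S_ISLNK(st.st_mode) and bool(st.st_mode & stat.S_IWOTH)


def audit_homes(home_root):
    """Return sorted 'user/' and 'user/.rcfile' entries that are world-writable.

    A world-writable home is reported even when its rc files are fine: without
    the sticky bit, anyone can rename the victim's .bashrc and drop their own.
    """
    findings = []
    for user in sorted(os.listdir(home_root)):
        home = os.path.join(home_root, user)
        if not os.path.isdir(home):
            continue
        if _world_writable(home):
            findings.append(user + "/")
        for rc in RC_FILES:
            path = os.path.join(home, rc)
            if os.path.isfile(path) and _world_writable(path):
                findings.append(f"{user}/{rc}")
    return findings


def build_fixture():
    """Constructed /home look-alike: alice is locked down, bob is wide open."""
    root = tempfile.mkdtemp(prefix="homes-")
    for user, home_mode, rc_mode in (("alice", 0o700, 0o644), ("bob", 0o777, 0o666)):
        home = os.path.join(root, user)
        os.mkdir(home)
        rc = os.path.join(home, ".bashrc")
        with open(rc, "w") as f:
            f.write("# constructed sample rc file\n")
        os.chmod(rc, rc_mode)
        os.chmod(home, home_mode)
    return root


def cleanup(root):
    shutil.rmtree(root)


if __name__ == "__main__":
    root = build_fixture()
    try:
        for finding in audit_homes(root):
            print("world-writable:", finding)
    finally:
        cleanup(root)
```

Run against a real /home the same function needs no changes; only the fixture is for the example. Group-writable files are deliberately not flagged here because the comment's point was "writable by everyone", but extending the mask to stat.S_IWGRP is a one-word change if the group in question is a broad one.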
Speaking of passwords, I just discovered that HN will ban your IP address from creating an account if you have a question mark in your password. I assume this is to help against SQL injection? (Not a security person here.) Pretty extreme result, but luckily I can post from another IP. I wonder how many users have hit this and not known why?
Interesting. :-)<p>When I create hashes for systems, I actually, now create a "version" prefix for hashes... this way I can on-run upgrade to a newer hash at login (if/when needed).<p>Have upgraded older systems this way... after 30 days, dumped any that hadn't changed and sent emails notifying that they'd have to use the "forgot password" option the next time they wanted to login.<p>Currently using pbkdf2/hmacsha512*100000 for password hashing. 16-byte salt, 32-byte result... varying too far from NIST guidelines would have been a hard sell.<p>output base64 values: v#.SALT.HASH
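The scheme the comment above describes (PBKDF2-HMAC-SHA512, 100000 iterations, 16-byte salt, 32-byte result, stored as v#.SALT.HASH in base64, upgraded at login) is simple enough to show end to end. The following is an added example written for this page, not the commenter's code: version 1 is the configuration the comment states, and version 2 is a hypothetical successor with a higher iteration count, included only to show the upgrade path; its parameters are an assumption. Record parsing, constant-time comparison and the "only upgrade after a successful verify" rule are the parts worth copying.

```python
"""Versioned PBKDF2 password records with upgrade-on-login.

Added example. v1 matches the parameters stated in the comment; v2 is a
hypothetical newer version whose iteration count is an assumption.
"""
import base64
import hashlib
import hmac
import os

VERSIONS = {
    1: {"prf": "sha512", "iterations": 100_000, "salt_len": 16, "dklen": 32},
    2: {"prf": "sha512", "iterations": 210_000, "salt_len": 16, "dklen": 32},  # hypothetical
}
CURRENT_VERSION = 2


def _derive(password, version, salt):
    p = VERSIONS[version]
    return hashlib.pbkdf2_hmac(p["prf"], password.encode("utf-8"), salt,
                               p["iterations"], dklen=p["dklen"])


def hash_password(password, version=CURRENT_VERSION, salt=None):
    """Produce a 'v#.SALT.HASH' record. Standard base64 never contains '.',
    so the dot is a safe field separator."""
    if salt is None:
        salt = os.urandom(VERSIONS[version]["salt_len"])
    dk = _derive(password, version, salt)
    return "v{}.{}.{}".format(version,
                              base64.b64encode(salt).decode("ascii"),
                              base64.b64encode(dk).decode("ascii"))


def parse_record(stored):
    """Return (version, salt, hash) or raise ValueError for an unknown layout."""
    vtag, salt_b64, dk_b64 = stored.split(".")
    if not vtag.startswith("v"):
        raise ValueError("missing version tag")
    version = int(vtag[1:])
    if version not in VERSIONS:
        raise ValueError("unknown hash version %d" % version)
    return version, base64.b64decode(salt_b64), base64.b64decode(dk_b64)


def needs_upgrade(stored):
    """True for records that a periodic sweep would eventually expire."""
    return parse_record(stored)[0] < CURRENT_VERSION


def verify_and_upgrade(password, stored):
    """Return (ok, replacement).

    replacement is a fresh CURRENT_VERSION record when the password matched an
    older-version record, else None. Login is the only moment the plaintext is
    in hand, so it is the only moment an upgrade can happen; records that are
    never presented are the ones the sweep has to throw away.
    """
    version, salt, expected = parse_record(stored)
    actual = _derive(password, version, salt)
    if not hmac.compare_digest(actual, expected):
        return False, None
    if version == CURRENT_VERSION:
        return True, None
    return True, hash_password(password)


if __name__ == "__main__":
    record = hash_password("rosebud", version=1)
    print(record)
    ok, replacement = verify_and_upgrade("rosebud", record)
    print(ok, replacement)
```

The verifier never trusts the record's own parameters beyond the version number: iteration count, PRF and lengths come from the VERSIONS table, so a tampered record cannot talk the server into a cheap derivation. Bumping CURRENT_VERSION is the whole migration; existing rows stay valid until each user logs in, and needs_upgrade is what the 30-day sweep the comment mentions would run over the remaining rows.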
Since this password list appears to come from one of the original systems on which UNIX and C were developed, it would be fun to see the names and original passwords of all the luminaries. I merged together the author's work, the original /etc/passwd, and the comments from the mailing list:<p><pre><code> root:OVCPatZ8RFmFY:Ernie Co-vax --> cowperso
daemon:*:The devil himself --> (login not allowed)
bill:.2xvLVqGHJm8M:Bill Joy --> (password still unknown)
ozalp:m5syt3.lB5LAE:Ozalp Babaoglu --> 12ucdort
sklower:8PYh/dUBQT9Ss:Keith Sklower --> theik!!!
kridle:4BkcEieEtjWXI:Bob Kridle --> jilland1
kurt:olqH1vDqH38aw:Kurt Shoens --> sacristy
schmidt:FH83PFo4z55cU:Eric Schmidt --> wendy!!!
hpk:9ycwM8mmmcp4Q:Howard Katseff --> graduat;
tbl:cBWEbG59spEmM:Tom London --> ..pnn521
jfr:X.ZNnZrciWauE:John Reiser --> 5%ghj
mark:Pb1AmSpsVPG0Y:Mark Horton --> uio
dmr:gfVwhuAMF0Trw:Dennis Ritchie --> dmac
ken:ZghOT0eRm4U9s:Ken Thompson --> p/q2-q4!
sif:IIVxQSvq1V9R2:Stuart Feldman --> axolotl
scj:IL2bmGECQJgbk:Steve Johnson --> pdq;dq
pjw:N33.MCNcTh5Qw:Peter J. Weinberger --> uucpuucp
bwk:ymVglQZjbWYDE:Brian W. Kernighan --> /.,/.,
uucp:P0CHBwE/mB51k:UNIX-to-UNIX Copy --> whatnot
srb:c8UdIntIZCUIA:Steve Bourne --> bourne
finger::The Finger Program --> (no pw but runs a program, not a login shell)
who::The Who Program --> (no password but runs a program, not a login shell)
w::The W Program --> (no password but runs a program, not a login shell)
mckusick:AAZk9Aj5/Ue0E:Kirk McKusick --> foobar
peter:Nc3IkFJyW2u7E:Peter Kessler --> ...hello
henry:lj1vXnxTAPnDc:Robert Henry --> sn74193n
jkf:9ULn5cWTc0b9E:John Foderaro --> sherril.
fateman:E9i8fWghn1p/I:Richard Fateman --> apr1744
fabry:d9B17PTU2RTlM:Bob Fabry --> 561cml..
network:9EZLtSYjeEABE:(no name listed) --> network (runs a program, not a login shell)
tty:: --> (no password but runs a program, not a login shell)
</code></pre>
It's amusing to see that even very smart people picked passwords just like people do today:<p>- spouses' names (jilland1, wendy!!!, sherril.)<p>- birth dates (apr1744 might be April 17, 1944)<p>- the first word that came to your mind (whatnot, foobar, ...hello)<p>- though a few were thoughtful (sn74193n is a synchronous binary counter from the 7400-series chip family and likely immune to dictionary attack in that era)<p>- easy to type patterns on a keyboard (/.,/., or 5%ghj)<p>- obscure words (axolotl is a Mexican walking fish)<p>- different languages (12ucdort is 1,2,3,4 in Turkish)<p>- and some people didn't care (Steve Bourne, inventor of the Bourne shell, picked "bourne")
>Did he really use uppercase letters or even special chars? (A 7-bit exhaustive search would still take over 2 years on a modern GPU.)<p>>took 4+ days on an AMD Radeon Vega64<p>I don't understand. The author first claims that it would take 2 years on a modern GPU to brute force a 7-bit password with special characters, but then he is helped by Nigel Williams, who cracked it in 4 days on an AMD Radeon Vega64.<p>Did Nigel Williams use a better technique?<p>Is AMD Radeon Vega64 much faster than a "modern GPU"?<p>Did the author overestimate the difficulty?
Dear stargrave, I am very grateful for sharing this knowledge. It was a delight reading. With this, I realized I am almost achieving an old dream of mine from my teenage years: I understood almost everything. And it came at the proper time, just as I am finishing my masters in informatics and computer engineering this year. You have my gratitude.
I’m slightly confused by the part where the author states a 7-bit search would take 2 years on a modern GPU, and the answer was found in 4 days on a Vega64. Isn’t that a modern GPU? Have I misunderstood here, or was the author’s math incorrect?
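The two "2 years versus 4 days" questions above are really a question about keyspace, and the arithmetic is short enough to carry through. This is an added worked example, not from the article or from either commenter, and the hashing rate in it is an assumption for illustration (1e9 DES crypt hashes per second, the order of magnitude a single high-end GPU of that generation reaches), not a figure from the page. What it shows: a full 7-bit search of 8 characters is 128^8 = 2^56 trials, a printable-ASCII search is about 11 times smaller, and at the assumed rate an alphabet that can be exhausted in 4 days has at most 65 symbols per position, so a 4-day crack of an 8-character DES hash implies a narrower character set or a non-exhaustive strategy such as a mask or wordlist rather than a faster GPU.

```python
"""Keyspace arithmetic for an 8-character DES crypt(3) password.

Added example; ASSUMED_RATE is an assumption, not a number from the page.
"""
ASSUMED_RATE = 1e9       # hashes per second, assumed for illustration
PASSWORD_LENGTH = 8      # crypt(3) ignores everything past the 8th character

CHARSETS = {
    "digits": 10,
    "lowercase": 26,
    "lowercase+digits": 36,
    "mixed case+digits": 62,
    "printable ASCII": 95,
    "full 7-bit ASCII": 128,
}


def keyspace(charset_size, length=PASSWORD_LENGTH):
    """Number of candidates in an exhaustive search of the given alphabet."""
    return charset_size ** length


def days_to_exhaust(charset_size, rate=ASSUMED_RATE, length=PASSWORD_LENGTH):
    """Wall-clock days to try every candidate at the given rate."""
    return keyspace(charset_size, length) / rate / 86400


def largest_charset_exhaustible(seconds, rate=ASSUMED_RATE, length=PASSWORD_LENGTH):
    """Largest alphabet whose whole space fits in the time budget.

    Integer search so the answer does not depend on floating-point roots.
    """
    budget = int(seconds * rate)
    n = 1
    while (n + 1) ** length <= budget:
        n += 1
    return n


def summary(rate=ASSUMED_RATE):
    """Days to exhaust each named alphabet at the given rate."""
    return {name: days_to_exhaust(size, rate) for name, size in CHARSETS.items()}


if __name__ == "__main__":
    for name, days in summary().items():
        print(f"{name:20s} {days:12.1f} days")
    print("alphabet exhaustible in 4 days:", largest_charset_exhaustible(4 * 86400))
```

Change ASSUMED_RATE to a measured benchmark for the card in question and the same functions give the real numbers; the ratio between the 128-symbol and 95-symbol spaces (about 11x) does not depend on the rate at all.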
Reminds me of when I cracked the domain admin account at work so that I could install software that I needed to do my job. IT was slow and unresponsive so I figured that I would help them.
Surely this was a perhaps modified dictionary attack that solved it in the end?<p>I don't understand the comments that describe (presumably random) 10+ char passwords as "crackable".
I use a diceware[0] passphrase for my Keepass database. I was inspired heavily by XKCD comic 936[1]. My only issue with password managers is that they are a single point of failure and are juicy targets for hackers, so I usually vet them and audit them thoroughly before I use them. I am one of those rare people that actually looks at the source code of password managers to look for flaws in the implementation (I sometimes spot flaws and duly report them to the maintainers).<p>One caveat to diceware I never liked is how it wears out the keyboard over time as you have to type the same passphrase each time to open the vault (You would be surprised how many times I need to do this each day). I sometimes have to lock my database to avoid evil maid attacks when in a hotel for example. Of course I go through about three keyboards a year because of this, but I don't mind the cost if it gives me a crispy fresh keyboard each time. And did I mention I don't own merely one encrypted database, but many depending on different contexts and different devices?<p>[0] <a href="https://en.wikipedia.org/wiki/Diceware" rel="nofollow">https://en.wikipedia.org/wiki/Diceware</a><p>[1] <a href="https://www.xkcd.com/936/" rel="nofollow">https://www.xkcd.com/936/</a>
Troy, please add this breach to <a href="https://haveibeenpwned.com/Passwords" rel="nofollow">https://haveibeenpwned.com/Passwords</a>
Back when I worked in IT many years ago, one of the things I did each week was run JohnTheRipper on our password file. If it cracked your password, it sent you an email saying your password was weak and you had to change it.<p>If you were in the next week's batch, it emailed you and told you "your password is foobar, which we discovered by cracking the password file, and it is weak. You must change it". Yes, I emailed them their password in plain text using our internal email system. Jury's still out on whether that was a good idea. :)<p>The next week we just disabled your account and you had to come to IT to fix it.<p>One guy actually got fired for his password. He was already being super creepy and making the girl who sat across from him uncomfortable, but she never told anyone. Then we cracked his password, which was a very naughty phrase about the girl who sat across from him. I reported it to HR, who asked the girl, who then said he was creepy, and so they acted swiftly on the reports and got him out of there.
Dave MacArt, computer science teacher, high school<p>Username Mac<p>Passwd Cam<p>Easy brute force in 1989<p>I got in big trouble for it because I messed up the server.
A slight nitpick with the article - `p/q2-q4` (more commonly written as "1. d4" in modern times) is not the Closed Game, it's just the first move of it. There are many, <i>many</i> other lines after 1. d4 besides just 1...d5, most of them quite open!