This is why you usually use salted hashes for passwords - to make this
attack much more difficult.
-----Original Message-----
From: midrange-l-bounces+l.beeler=dataline.ch@xxxxxxxxxxxx
[
mailto:midrange-l-bounces+l.beeler=dataline.ch@xxxxxxxxxxxx] On Behalf
Of Walden H. Leverich
Sent: Tuesday, July 03, 2007 4:46 PM
To: Midrange Systems Technical Discussion
Subject: RE: Where are the System i password storeds?
And, everybody and their brother peddles a product that will tell
you user profiles with easy passwords. Obviously they've figured out a
hack.
Can't speak for how others do it, but if I was going to do it, it's
relatively simple. Since you can retrieve the encrypted (er, hashed)
password via the QSYRUPWD API, and since that API is specifically
designed to allow you to move the password to another machine it follows
that the hash isn't machine specific. Therefore, on my machine I could
take a list of, say, 10,000 "easy" passwords and for each one, change a
user profile to have that password, and then retrieve the encrypted
password via the api. When I was done I'd have a x-ref between encrypted
passwords and their original value. Then on any other machine I could
retrieve the encrypted password from a profile and compare it to my
list. If it's in my list then you have an "easy" password.
-Walden
--
Walden H Leverich III
Tech Software
(516) 627-3800 x3051
WaldenL@xxxxxxxxxxxxxxx
http://www.TechSoftInc.com
Quiquid latine dictum sit altum viditur.
(Whatever is said in Latin seems profound.)
As an Amazon Associate we earn from qualifying purchases.