But you must first have access to the profile. You have to have a valid
profile on the system to run the API and access to the profiles. If
your profiles are owned by QSECOFR with *Public *Exclude such as the
following profile on one of my V5R3 systems:
                        Edit Object Authority

 Object . . . . . . . :   CHRISB        Owner  . . . . . . . :   QSECOFR
   Library  . . . . . :     QSYS        Primary group  . . . :   *NONE
 Object type  . . . . :   *USRPRF       ASP device . . . . . :   *SYSBAS

 Type changes to current authorities, press Enter.

                         Object
 User        Group       Authority
 *PUBLIC                 *EXCLUDE
 QSECOFR                 *ALL
 CHRISB                  USER DEF

Chris Bipes
Director of Information Services
CrossCheck, Inc.
-----Original Message-----
From: midrange-l-bounces+chris.bipes=cross-check.com@xxxxxxxxxxxx
[mailto:midrange-l-bounces+chris.bipes=cross-check.com@xxxxxxxxxxxx] On Behalf Of Walden H. Leverich
Sent: Tuesday, July 03, 2007 7:46 AM
To: Midrange Systems Technical Discussion
Subject: RE: Where are the System i password storeds?
And, everybody and their brother peddles a product that will tell
you user profiles with easy passwords. Obviously they've figured out a
hack.
Can't speak for how others do it, but if I was going to do it, it's
relatively simple. Since you can retrieve the encrypted (er, hashed)
password via the QSYRUPWD API, and since that API is specifically
designed to allow you to move the password to another machine it follows
that the hash isn't machine specific. Therefore, on my machine I could
take a list of, say, 10,000 "easy" passwords and for each one, change a
user profile to have that password, and then retrieve the encrypted
password via the API. When I was done I'd have an x-ref between encrypted
passwords and their original value. Then on any other machine I could
retrieve the encrypted password from a profile and compare it to my
list. If it's in my list then you have an "easy" password.
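
The x-ref audit described above, as an added example that is not part of the original thread. It is written from the auditor's side and reports only which profiles are flagged. The two hash functions are stand-ins (assumptions) and do not reproduce the value QSYRUPWD returns; all names and passwords other than CHRISB are constructed. It also shows that the table is only reusable when the stored value does not depend on the profile name.

```python
import hashlib

def unsalted_hash(profile, password):
    # Stand-in (assumption): the same password gives the same value
    # for every profile on every machine.
    return hashlib.sha256(password.encode()).hexdigest()

def profile_keyed_hash(profile, password):
    # Stand-in (assumption): the profile name is mixed in, so the same
    # password stores a different value under each profile.
    return hashlib.sha256(f"{profile}:{password}".encode()).hexdigest()

def build_xref(hash_fn, profile, candidates):
    """Hash every candidate once under one profile -> {stored value: password}."""
    return {hash_fn(profile, pw): pw for pw in candidates}

def audit(xref, retrieved):
    """Return the sorted names of profiles whose stored value is in the x-ref."""
    return sorted(name for name, value in retrieved.items() if value in xref)

# Constructed sample data: a short "easy" list and three profiles.
EASY = ["PASSWORD", "SECRET", "WELCOME1"]
ACCOUNTS = {"CHRISB": "WELCOME1", "APPUSER": "T7#kQz91vLm", "OPER1": "PASSWORD"}

def run(hash_fn):
    # Table built once on the auditor's machine under a scratch profile.
    xref = build_xref(hash_fn, "AUDITPRF", EASY)
    # Values as they would be retrieved from the machine being audited.
    retrieved = {name: hash_fn(name, pw) for name, pw in ACCOUNTS.items()}
    return audit(xref, retrieved)

if __name__ == "__main__":
    print("unsalted stand-in flags:     ", run(unsalted_hash))
    print("profile-keyed stand-in flags:", run(profile_keyed_hash))
```

With the profile-keyed stand-in nothing is flagged, because a table built under one profile name no longer matches values stored under another; the audit would have to hash the candidate list once per profile name.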