Re: [code] password retrieval Heilpern" at Aug 31, 98 04:19:00 pm

From: Andrew Helm (ashe@IGLOU.COM)
Date: 08/31/98

On Mon, 31 Aug 1998, Mark A. Heilpern wrote:
> At 05:53 AM 8/31/98 -0700, you wrote:
> >anyone know how to unencrypt? please share.
> If the encryption mechanism is the standard unix crypt()
> function, you can try a dictionary search to guess at
> the password key, or you can do a brute force search which
> covers up to 8 characters.

There's a nice program called Crack that does this. Check out the
tools dir on cert's ftp site.

Unfortunately, Circle only uses the first ten characters (including
the salt) of the encrypted password. Hacking Crack's source to
handle the truncated passwords should work, or just change
MAX_PWD_LENGTH in structs.h to something sensible.

(Slight digression: How about officially changing the player file
  format to include the circlemud_version number at the beginning
  of the file? That would make it possible to change things like
  MAX_PWD_LENGTH between distributions and then automatically
  read/convert player files. If there's no version number assume
  the file is in the pre-version number format.)

Also on cert's ftp site is a library called Cracklib which detects
easily guessable passwords. It's easy to code Circle to use it, but
here's some easy to follow instructions just in case:

  1) Download and install Cracklib.
     (Note: Cracklib is installed in many Linux distributions.
            You probably already have it :)
  2) Edit the Makefile to include -lcrack
     (Note: If you configure again you'll have to redo this change)
  3) In conf.h add a line like this after the CIRCLE_CRYPT part:

/* Define if using cracklib */
#define CIRCLE_CRACK 1

  4) In sysdep.h after the HAVE_CRYPT_H add something like this:

#include <crack.h>

  5) At the very end of utils.h add a #define for CRACKDICT_PATH.
     It should be the path to the Cracklib dictionaries. See the
     Cracklib documentation for more info.

  6) Finally, make the following changes to nanny() in interpreter.c:

+#if defined(CIRCLE_CRACK) && defined (CIRCLE_CRYPT)
+    *buf = '\0';
+    if (strlen(arg) > MAX_PWD_LENGTH)
+      sprintf(buf, "\r\nIllegal password: password too long");
+    else if (!str_cmp(arg, GET_NAME(d->character)))
+      sprintf(buf, "\r\nIllegal password: don't use your own name");
+    else {
+      str = FascistCheck(arg, CRACKDICT_PATH);
+      if (str)
+        sprintf(buf, "\r\nIllegal password: %s", str);
+    }
+    if (*buf) {
+      SEND_TO_Q(buf, d);
+      SEND_TO_Q("\r\nPassword: ", d);
+      return;
+    }
+ #else
     if (!*arg || strlen(arg) > MAX_PWD_LENGTH || strlen(arg) < 3 ||
         !str_cmp(arg, GET_NAME(d->character))) {
       SEND_TO_Q("\r\nIllegal password.\r\n", d);
       SEND_TO_Q("Password: ", d);
+ #endif
---END CODE---

Encrypting player's passwords only provides the slightest amount of
protection since access to a Circlemud's playerfile usually means
your security is shot anyhow. Why crack the password when you've
got the mudpasswd util? :)

     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | |

This archive was generated by hypermail 2b30 : 12/15/00 PST