Welcome to my site. Please CLICK HERE to give your opinions regarding this new look of "PCTipsbyAnu". Thanks for visiting.

Monday, November 8, 2010

Browse » Home » , , , » What is password shadowing n Where you can find the shadowed password?

What is password shadowing n Where you can find the shadowed password?




Password shadowing is a securitysystem where the encrypted password field of /etc/passwd is replaced with aspecial token and the encrypted password is stored in a separate file which isnot readable by normal system users.

On older systems, password shadowingwas often defeated by using a program that made successive calls to getpwent()to obtain the entire password file.

Example (Fully programming "C"):




Where can I find the passwordfile if it's shadowed?



Unix
Path
Token
AIX 3 and AIX 4
/etc/security/passwd
!
or
/tcb/auth/files/<first letter
of username>/<username>
#
A/UX 3.0s
/tcb/files/auth/?/*

BSD4.3-Reno
/etc/master.passwd
*
ConvexOS 10
/etc/shadpw
*
ConvexOS 11
/etc/shadow
*
DG/UX
/etc/tcb/aa/user/
*
EP/IX
/etc/shadow
x
HP-UX
/.secure/etc/passwd
*
IRIX 5
/etc/shadow
x
Linux 1.1
/etc/shadow
*
OSF/1
/etc/passwd[.dir|.pag]
*
SCO Unix 3.2.x
/tcb/auth/files/<first letter
of username>/<username>
*
SunOS4.1+c2
/etc/security/passwd.adjunct
##username
SunOS 5.0 / Solaris 2.x
/etc/shadow


<optional NIS+ private secure
maps>
System V Release 4.0
/etc/shadow
x
System V Release 4.2
/etc/security/* database

Ultrix 4
/etc/auth[.dir|.pag]
*
UNICOS
/etc/udb
*


Enjoy hacking...
You can leave a response, or trackback from your own site.

About 'Anu': My name is 'Anu' also Known as 'ANU 007 TIGER' .I'm administrator of 'PC Tips by Anu' blog .This blog was opened for sharing contents about hacking n cracking.
Thanks YAHOO OR GMAIL

0 comments:

Post a Comment

 
Back to Top