kochis:JzYn32g/oVYJI:1123:50:Allan S. Kochis:/home/kochis:/bin/cshThe password is the second entry. In this scheme it is difficult if not impossible to derive the password from its encoded format.
n | Possible selection of characters. | |||
---|---|---|---|---|
26 | 36 | 62 | 128 | |
1 | 26 | 36 | 62 | 128 |
2 | 325 | 639 | 1,891 | 8,128 |
3 | 2,600 | 7,140 | 37,820 | 341,376 |
4 | 14,950 | 58,905 | 557,845 | 10.668M |
5 | 65,780 | 376,992 | 6.471M | 264.566M |
6 | 230,230 | 1.947M | 61.474M | 5.423T |
So the larger the universe, the less exposure. If we check 1 password per
second (very slow) then checking all the combinations of 6 digits
from 128 would take about 171 years! However supercomputers are
approaching speeds of 1 nanosecond per operation. If it takes
10 operations to check a password then our time would be reduced to
15 hours!
$ls -l total 368 -rwxr-xr-x 1 ask staff 3354 Oct 30 1997 a.out -rw-r--r-- 1 ask staff 53521 Mar 24 1997 content.html -rw-r----- 1 ask staff 9903 May 8 1997 eduquote.htm -rw-r--r-- 1 ask staff 11475 Oct 30 1997 form.html -rw-r--r-- 1 ask staff 12308 Oct 30 1997 gains.html -rw-r----- 1 ask staff 42601 Oct 30 1997 index.html -rw-r--r-- 1 ask staff 2530 Oct 30 1997 timeline.html
$ ls -l subtest -rw------- 1 kochis 468 Mar 12 09:57 subtest $ chmod o+r subtest $ ls -l subtest -rw----r-- 1 kochis 468 Mar 12 09:57 subtest $ chmod 644 subtest $ ls -l subtest -rw-r--r-- 1 kochis 468 Mar 12 09:57 subtest
$grep umask /etc/profile umask 077 # set default file/dir protection
cochise : grep kochis /etc/group chpc:*:500:jnet,jones,joyce,jrk,jtan,jwatts,kantzman,karimi,kelly,kneuper,kochis userser:*:507:jbyrd,kochis,lwood,milfeld,sda,xxaf436,xxag057,xxus433,xxvd004 source:*:600:buming,dan,fwang,gary,jbyrd,jones,jwatts,karimi,kneuper,kochis examine:*:601:boisseau,chpcdba,dan,fwang,gary,jbyrd,jnet,jones,kneuper,kochis install:*:607:brux,buming,dan,fwang,gary,jbyrd,jones,karimi,kneuper,kochis,lwood cplus:*:750:anne,brux,buming,foster,fwang,jbyrd,karimi,kochis,lwood,merworth chpcadm:*:991:chpcadm,jones,kneuper,kochis,mamali,merworth,xxag057 xxam:*:1991:kochis,xxam226or by running the groups command.
cochise: groups xxam chpc userser source examine install cplus chpcadm xxamAny files created in any of these groups that allow group access, I can use. A file can have its group changed to any group you belong to.
cochise : ls -alg trip -rw-rw-r-- 1 chpc 3379 Aug 2 1993 trip cochise : chgrp userser trip cochise : ls -alg trip -rw-rw-r-- 1 userser 3379 Aug 2 1993 trip
$ ls -al *.cgi -rwsr-xr-x 1 www web 5273 Mar 23 10:56 getstat.cgi -rwxr-sr-x 1 www web 643 Mar 25 13:14 mich.cgi
$ find /stage -perm -0002 -print /stage/Cate/birds.gif /stage/Cate/jobs/jobs.txt /stage/Cate/jobs/trk_num $ find /stage -perm -0002 -print | wc -l 259
$ cat junk The rain in Spain stays mainly on the plain. $ $ crypt -s ask <junk >new $ cat new (m.mPRwt-tG-i;md}jF#Ajl $ rm junk $ crypt -s ask <new >junk $ cat junk The rain in Spain stays mainly on the plain. $