Pre par godina je na nekom backup-u nađen stari etc/password fajl iz prve verzije BSD 3 Unix-a, i tu su lozinke ljudi koji su ga pravili, između ostalih i velikih imena kao što su Brian W. Kernighan, Dennis Ritchie, Ken Thompson, Bill Joy (osnivač SUN-a), Steve Bourne (tvorac bourne shell-a)...
I od tad razni hakeri pokušavaju da grubom silom nađu koje su password-e dotični koristili. Danas je "pao" Ken Thompson, čiji je password bio p/q2-q4! što je u nekoj opskurnoj šahovskoj notaciji oznaka za "kraljičin pion dva polja unapred", što bismo mi rekli d2d4, uvod u damin gambit i neka druga otvaranja... Što ima logike jer se Thompson bavio i šahovskim programima.
Evo svih password-a, za sada se još "drži" Bill Joy čija lozinka nije provaljena.
root:OVCPatZ8RFmFY:Ernie Co-vax --> cowperso
daemon:*:The devil himself --> (login not allowed)
bill:.2xvLVqGHJm8M:Bill Joy --> (password still unknown)
ozalp:m5syt3.lB5LAE:Ozalp Babaoglu --> 12ucdort
sklower:8PYh/dUBQT9Ss:Keith Sklower --> theik!!!
kridle:4BkcEieEtjWXI:Bob Kridle --> jilland1
kurt:olqH1vDqH38aw:Kurt Shoens --> sacristy
schmidt:FH83PFo4z55cU:Eric Schmidt --> wendy!!!
hpk:9ycwM8mmmcp4Q:Howard Katseff --> graduat;
tbl:cBWEbG59spEmM:Tom London --> ..pnn521
jfr:X.ZNnZrciWauE:John Reiser --> 5%ghj
mark:Pb1AmSpsVPG0Y:Mark Horton --> uio
dmr:gfVwhuAMF0Trw:Dennis Ritchie --> dmac
ken:ZghOT0eRm4U9s:Ken Thompson --> p/q2-q4!
sif:IIVxQSvq1V9R2:Stuart Feldman --> axolotl
scj:IL2bmGECQJgbk:Steve Johnson --> pdq;dq
pjw:N33.MCNcTh5Qw:Peter J. Weinberger --> uucpuucp
bwk:ymVglQZjbWYDE:Brian W. Kernighan --> /.,/.,
uucp:P0CHBwE/mB51k:UNIX-to-UNIX Copy --> whatnot
srb:c8UdIntIZCUIA:Steve Bourne --> bourne
finger::The Finger Program --> (no pw but runs a program, not a login shell)
who::The Who Program --> (no password but runs a program, not a login shell)
w::The W Program --> (no password but runs a program, not a login shell)
mckusick:AAZk9Aj5/Ue0E:Kirk McKusick --> foobar
peter:Nc3IkFJyW2u7E:Peter Kessler -- ...hello
henry:lj1vXnxTAPnDc:Robert Henry --> sn74193n
jkf:9ULn5cWTc0b9E:John Foderaro --> sherril.
fateman:E9i8fWghn1p/I:Richard Fateman --> apr1744
fabry:d9B17PTU2RTlM:Bob Fabry --> 561cml..
network:9EZLtSYjeEABE:(no name listed) --> network (runs a program, not a login shell)
tty:: --> (no password but runs a program, not a login shell)
Najgori od sve dece :) je Steve Bourne koji je za lozinku izabrao... bourne. Nije mnogo bolji ni Brian Kernighan koji je koristio /.,/., radi lakšeg kucanja. Ili Dennis Ritchie, koji je stavio dmac. Neki su koristili datum rođenja (Fateman), imena žena/devojaka (jilland1, wendy!!!, sherril.), neku običnu reč tipa whatnot, foobar, hello)... Od boljih pokušaja, Robert Henry je koristi sn74193n što je binarni counter na 7400 familiji čipova, Stuart Feldman je stavio axolotl što je nekakva meksička amfibija koju zovu "hodajuća riba", a Ozalp Babaoglu - ko god da je to, ali očito Turčin - je koristio 12ucdort što je 1, 2, 3, 4 na turskom jeziku :)
Pa sad vi vidite koji password koristite, možda će - kad postanete slavni - kroz 50 godina neko naći backup vašeg kompjutera pa tadašnjim daleko bržim mašinama krekovati vaš hash...
Pozdrav, Dejan
09oct2019 · Ken Thompson's Unix password
Somewhere around 2014 I found an /etc/passwd file in some dumps of the BSD 3 source tree, containing passwords of all the old timers such as Dennis Ritchie, Ken Thompson, Brian W. Kernighan, Steve Bourne and Bill Joy.
Since the DES-based crypt(3) algorithm used for these hashes is well known to be weak (and limited to at most 8 characters), I thought it would be an easy target to just crack these passwords for fun.
Well known tools for this are john and hashcat.
Quickly, I had cracked a fair deal of these passwords, many of which were very weak. (Curiously, bwk used /.,/.,, which is easy to type on a QWERTY keyboard.)
However, kens password eluded my cracking endeavor. Even an exhaustive search over all lower-case letters and digits took several days (back in 2014) and yielded no result. Since the algorithm was developed by Ken Thompson and Robert Morris, I wondered what’s up there. I also realized, that, compared to other password hashing schemes (such as NTLM), crypt(3) turns out to be quite a bit slower to crack (and perhaps was also less optimized).
Did he really use uppercase letters or even special chars? (A 7-bit exhaustive search would still take over 2 years on a modern GPU.)
The topic came up again earlier this month on The Unix Heritage Society mailing list, and I shared my results and frustration of not being able to break kens password.
Finally, today this secret was resolved by Nigel Williams:
From: Nigel Williams <nw@retrocomputingtasmania.com>
Subject: Re: [TUHS] Recovered /etc/passwd files
ken is done:
ZghOT0eRm4U9s:p/q2-q4!
took 4+ days on an AMD Radeon Vega64 running hashcat at about 930MH/s
during that time (those familiar know the hash-rate fluctuates and
slows down towards the end).
This is a chess move in descriptive notation, and the beginning of many common openings. It fits very well to Ken Thompson’s background in computer chess.
I’m very happy that this mystery has been solved now and I’m pleased of the answer.
[Update 16:29: fix comment on chess.]
NP: Mel Stone—By Now