Sometime in 2014, in BSD 3 source tree dumps, I found the file
For these hashes, the algorithm was used
We take standard bruter
Pretty quickly, I cracked a lot of passwords, most of which were very weak (curiously, bwk used the password /.,/.,, - it is easy to type on a QWERTY keyboard).
But Ken's password was unbreakable. Even a complete search of all lowercase letters and numbers (a few days in 2014) did not give a result. Since the algorithm was developed by Ken Thompson and Robert Morris, I was wondering what was the matter. I also realized that, compared to other password hashing schemes like NTLM, crypt(3) is quite slow to brute force (perhaps less optimized).
Did he use uppercase letters or even special characters? (A 7-bit full brute force would take over two years on a modern GPU).
In early October, this topic
Finally, today Nigel Williams revealed this secret:
From: Nigel Williams <[email protected]>
Subject: Re: [TUHS] Restoring /etc/passwd files

Ken is ready
ZghOT0eRm4U9s:p/q2-q4!
It took more than four days on an AMD Radeon Vega64 in hashcat at about 930MH/s (those in the know are aware that the hashrate fluctuates and drops towards the end).
This is the first pawn move two squares in
I am very glad that the mystery was solved, and the result is so pleasant.
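The search-space figures mentioned above can be sanity-checked with a short script. This is an added example, not code from the original post; the function names are hypothetical. The 13-character hash layout, 2-character salt and 8-character password limit are background facts about traditional crypt(3), not taken from the page.

```python
import string

# Background on traditional crypt(3), added here and not from the page:
# 13-character hash = 2-character salt + 11 characters from [./0-9A-Za-z];
# only the first 8 password characters (7 bits each) are used.
CRYPT_ALPHABET = set("./" + string.digits + string.ascii_letters)
MAX_LEN = 8
RATE = 930e6  # hashes per second, the figure quoted in the e-mail

# Ordered from smallest to largest; NUL is excluded from the 7-bit set
# because it terminates a C string.
CHARSETS = {
    "lower+digits": string.ascii_lowercase + string.digits,
    "printable ASCII": "".join(chr(c) for c in range(32, 127)),
    "full 7-bit": "".join(chr(c) for c in range(1, 128)),
}

def parse_entry(entry):
    """Split 'hash:password' (the form quoted in the e-mail) and validate it."""
    digest, _, password = entry.partition(":")
    if len(digest) != 13 or not set(digest) <= CRYPT_ALPHABET:
        raise ValueError("not a traditional crypt(3) hash")
    return {"salt": digest[:2], "hash": digest[2:],
            "effective": password[:MAX_LEN]}

def smallest_charset(password):
    """Name of the smallest listed character set that covers the password."""
    for name, chars in CHARSETS.items():
        if set(password) <= set(chars):
            return name
    raise ValueError("password contains non-7-bit characters")

def keyspace(charset, length=MAX_LEN):
    """Number of candidates of length 1..length over the named set."""
    n = len(CHARSETS[charset])
    return sum(n ** k for k in range(1, length + 1))

def days_to_exhaust(charset, rate=RATE):
    """Worst-case days to try every candidate at `rate` hashes per second."""
    return keyspace(charset) / rate / 86400

if __name__ == "__main__":
    entry = parse_entry("ZghOT0eRm4U9s:p/q2-q4!")
    print("salt:", entry["salt"], "| needs:", smallest_charset(entry["effective"]))
    for name in CHARSETS:
        print(f"{name:16} {keyspace(name):.3e} candidates, "
              f"{days_to_exhaust(name):9.2f} days at 930 MH/s")
```

The password falls outside the lowercase-and-digits set because of `/`, `-` and `!`, which is why that search found nothing, while the 8-character ceiling keeps even the full 7-bit space finite.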
Source: habr.com