Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site pyramid.UUCP Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxb!mhuxn!mhuxm!mhuxj!houxm!whuxlm!harpo!decvax!decwrl!pyramid!ena From: ena@pyramid.UUCP (Eric Aubery) Newsgroups: net.sources Subject: Find Trivial Passwords Message-ID: <215@pyramid.UUCP> Date: Fri, 8-Feb-85 15:10:53 EST Article-I.D.: pyramid.215 Posted: Fri Feb 8 15:10:53 1985 Date-Received: Sun, 10-Feb-85 05:35:54 EST Distribution: net Organization: Pyramid Technology Lines: 132 Here's a little shell script and program that test to see if any of the users on your system are joes. A joe is defined as someone who uses their login name as their password. The joes will be identified as being NOT SECURE. I was amazed that on all the systems I tried there was always at least one joe. On some there were as many as 20% joes. The shell scripts are identified as ATT for Bell derivatives, BSD for Berkely derivatives, and PYR for Pyramid dual universe systems. Well actually there all pretty similar. Format is shar archive: +++++++++++++++++++++++++ CUT HERE +++++++++++++++++++++++++++++++++++++ # -------- joetest.ATT -------- echo extracting file joetest.ATT cat \<\< THE_END \> joetest.ATT # /bin/sh TMP1=/tmp/jt$$ PSWD=${1-"/etc/passwd"} cut -d: -f1,2 $PSWD > $TMP1 ed - $TMP1 < joetest.BSD # /bin/sh TMP1=/tmp/jt$$ PSWD=${1-"/etc/passwd"} #cut -d: -f1,2 $PSWD > $TMP1 cp $PSWD $TMP1 chmod 777 $TMP1 ed - $TMP1 < joetest.PYR # /bin/sh TMP1=/tmp/jt$$ PSWD=${1-"/etc/passwd"} att cut -d: -f1,2 $PSWD > $TMP1 ed - $TMP1 < makekey.c #includechar *crypt(); main(argc,argv) char *argv[]; { char key[80]; char *salt; int i,yes; if( argc < 3 ) { /* fprintf(stderr,"Usage makekey salt key\n"); */ exit(1); } salt = argv[1]; yes = 0; for(i=0;i<8;i++) if(yes || argv[2][i] == '\0') { key[i] = '\0'; yes++; } else key[i] = argv[2][i]; printf("%s %s\n",key, crypt(key, salt)); return(0); } THE_END echo Done with extraction -- Eric N. Aubery pyramid!ena { dual }!pyramid!ena Pyramid Technology Corporation, Mtn. View Califonia