Extracting accounts and passwords from Novel Netware
anders at cwd.no
anders at cwd.no
Sun Jul 30 18:15:21 GMT 2000
The "optional" enctyption you are speaking of was the communication on the
"wire".
As far as I know 3.x had the passwords stored enctypted like unix, but the
authentification could use both clear-text methodes (for pre 3.x
compatiblity) like telnet, or encrypted like ssh (not same algorithms, but
nice comparison...)
Anders
James Sutherland
<jas88 at cam.ac.uk> To: Richard Sharpe <sharpe at ns.aus.com>
Sent by: cc: samba-technical at samba.org
samba-technical-admin Subject: Re: Extracting accounts and passwords from Novel
@samba.org Netware
30.07.2000 18:34
On Mon, 31 Jul 2000, Richard Sharpe wrote:
> Hi,
>
> Is there a simple tool for extracting the list of accounts from a Netware
> server?
>
> Also, are plaintext password recoverable from a Netware server of any
> vintage, or are they all hashed with such a strong hash it is not
possible
> to recover them?
Up to about 3.x the encryption was optional, IIRC? 4.x and later (NDS)
hash them a la Unix - you can get the encrypted version, but decryption is
a matter of brute force, and takes serious time.
A nice simple package for Netware, NT and Unix (PAM) to redirect all auth
to a single tree, containing passwords in all the formats needed (and kept
in sync) might be nice... Some of this is already done, but not all. IIRC,
we'll need to have passwords in NT format for SMB support, as well as
crypt or MD5 for Unix. It's possible to keep two distinct databases in
sync, but being able to point everything at a single database would be
nice...
James.
More information about the samba-technical
mailing list