Extracting accounts and passwords from Novel Netware

Rink Springer rink at springer.cx
Sun Jul 30 19:19:09 GMT 2000 

Hi everyone,

Anders is correct. You see, Novell 3.12 stored the password in the so-called
'bindery', which works like the Windows Registry. Every account will is an
object, and it has a PASSWORD property. This property lists the password in
an encrypted form, as someone else posted the link to.

My advice: write a small program that extracts *all* users from the bindery
(one of the easiest things to do is use SECURITY and grep for USER NAME :)
and feed this list into adduser(8). If you need any help using this, just
ask me. Using the original passwords is a very hard thing, so I'd suggest
you drop that...

--Rink

----- Original Message -----
From: <anders at cwd.no>
To: "James Sutherland" <jas88 at cam.ac.uk>
Cc: <samba-technical at samba.org>; <samba-technical-admin at samba.org>; "Richard
Sharpe" <sharpe at ns.aus.com>
Sent: Sunday, July 30, 2000 8:15 PM
Subject: Re: Extracting accounts and passwords from Novel Netware


>
> The "optional" enctyption you are speaking of was the communication on the
> "wire".
>
> As far as I know 3.x had the passwords stored enctypted like unix, but the
> authentification could use both clear-text methodes (for pre 3.x
> compatiblity) like telnet, or encrypted like ssh (not same algorithms, but
> nice comparison...)
>
> Anders
>
>
>
>
>                     James Sutherland
>                     <jas88 at cam.ac.uk>            To:     Richard Sharpe
<sharpe at ns.aus.com>
>                     Sent by:                     cc:
samba-technical at samba.org
>                     samba-technical-admin        Subject:     Re:
Extracting accounts and passwords from Novel
>                     @samba.org                   Netware
>
>
>                     30.07.2000 18:34
>
>
>
>
>
> On Mon, 31 Jul 2000, Richard Sharpe wrote:
>
> > Hi,
> >
> > Is there a simple tool for extracting the list of accounts from a
Netware
> > server?
> >
> > Also, are plaintext password recoverable from a Netware server of any
> > vintage, or are they all hashed with such a strong hash it is not
> possible
> > to recover them?
>
> Up to about 3.x the encryption was optional, IIRC? 4.x and later (NDS)
> hash them a la Unix - you can get the encrypted version, but decryption is
> a matter of brute force, and takes serious time.
>
> A nice simple package for Netware, NT and Unix (PAM) to redirect all auth
> to a single tree, containing passwords in all the formats needed (and kept
> in sync) might be nice... Some of this is already done, but not all. IIRC,
> we'll need to have passwords in NT format for SMB support, as well as
> crypt or MD5 for Unix. It's possible to keep two distinct databases in
> sync, but being able to point everything at a single database would be
> nice...
>
>
> James.
>
>
>
>
>
>

More information about the samba-technical mailing list