?
Solved

Cobalt Raq 4 Password.

Posted on 2003-03-14
9
Medium Priority
?
331 Views
Last Modified: 2010-03-04
Hi

I need to get access to a password on my Sun Cobalt Raq 4 server.
The client has lost thier password but does not want to change it.

Is ther a way I can find out what a password is set to.

I have root access.

Kind Regards

NTU
0
Comment
Question by:ntu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 8

Expert Comment

by:heskyttberg
ID: 8139706
Hi!

There is no straightforward way of doing this!
If client lost password, why do they want to keep it ?
Just give them a new one, and if they ever figure out what they had, tell them they can get that one back at a later time.

Regards
/Hans - Erik Skyttberg
0
 
LVL 15

Expert Comment

by:samri
ID: 8143018
Hi NTU,

I do not have much experience on the specified products.
However, if the OS platform is UNIX, (most likely), chances are the password would be kept somewhere in the Cobalt config directory.

And even if you could locate the password file, chances are the password would be encrypted -- and would be not easy to reverse the  encryption (I think it's close to impossible).

So the best option would be assigning new password (just like Hans proposed).  I would believe that your client would settle for it if you could explain the scenario.

OR, if you still insist -- if you had the password file, you could try to crack the password (I think it will be long to crack -- the longer the password, the longer it takes).

So, try to settle for the new password approach.

0
 

Author Comment

by:ntu
ID: 8143218
Hi Samri

Thanks for the ideas.

To go into detail a bit more and to give a better reason to find that password. I moved there site from a the cobalt raq 4 (runs on linux) to a new Raq 550 Raid.
They have about 10 users which are collect email from my raq using a mail server which they no longer have got someone there to configure it. All the other email accounts where fine because they had writen list of passwords except one of them. So the move went fine with the other users because their mail server is still collecting from the same smtp sever name.

I have used hack software for windows NT sam files in the past which has worked very well, usually takes about 2 days on a dual pentium 4 machine. Some bad passwords are cracked in a matter of seconds.

I have thought, may be I am approaching this from the wrong angel. Does any one have any knoledge of using a packet sniffer. In that way I could see the password in plain text being sent to the server, when their mail server goes to collect the mail.

Any thoughts.

NTU

0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 8

Accepted Solution

by:
heskyttberg earned 1000 total points
ID: 8144497
Hi!

Just go to netwrk section of www.tucows.com.

There are a bunh of sniffers availible.

Regards
/Hans - Erik Skyttberg
0
 
LVL 15

Assisted Solution

by:samri
samri earned 1000 total points
ID: 8146690
hi Ntu,

Well, it do sound like a different story (or maybe the way I see it).

Yes, Tucow or even Google, can be used to locate such tools.  

Ethereal could be used (http://www.ethereal.com/).

>> In that way I could see the password in plain text being sent to the server, when their mail server goes to collect the mail.

Well again, why do we need to be "sniffing" around while we could get to the respective client mail server, and lookup the password.

(or maybe I am a bit off the track here :)

cheers.


0
 
LVL 1

Expert Comment

by:digitalwav
ID: 8294041
I understand the situation- it seems like the client *can't* change the password at the mail client end, if they could the password change would be very easy.

I would think the sniffing method would be quite easy, but the password file should be easier if you have the file.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month11 days, 10 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question