Link to home
Start Free TrialLog in
Avatar of ntu
ntu

asked on

Cobalt Raq 4 Password.

Hi

I need to get access to a password on my Sun Cobalt Raq 4 server.
The client has lost thier password but does not want to change it.

Is ther a way I can find out what a password is set to.

I have root access.

Kind Regards

NTU
Avatar of heskyttberg
heskyttberg

Hi!

There is no straightforward way of doing this!
If client lost password, why do they want to keep it ?
Just give them a new one, and if they ever figure out what they had, tell them they can get that one back at a later time.

Regards
/Hans - Erik Skyttberg
Hi NTU,

I do not have much experience on the specified products.
However, if the OS platform is UNIX, (most likely), chances are the password would be kept somewhere in the Cobalt config directory.

And even if you could locate the password file, chances are the password would be encrypted -- and would be not easy to reverse the  encryption (I think it's close to impossible).

So the best option would be assigning new password (just like Hans proposed).  I would believe that your client would settle for it if you could explain the scenario.

OR, if you still insist -- if you had the password file, you could try to crack the password (I think it will be long to crack -- the longer the password, the longer it takes).

So, try to settle for the new password approach.

Avatar of ntu

ASKER

Hi Samri

Thanks for the ideas.

To go into detail a bit more and to give a better reason to find that password. I moved there site from a the cobalt raq 4 (runs on linux) to a new Raq 550 Raid.
They have about 10 users which are collect email from my raq using a mail server which they no longer have got someone there to configure it. All the other email accounts where fine because they had writen list of passwords except one of them. So the move went fine with the other users because their mail server is still collecting from the same smtp sever name.

I have used hack software for windows NT sam files in the past which has worked very well, usually takes about 2 days on a dual pentium 4 machine. Some bad passwords are cracked in a matter of seconds.

I have thought, may be I am approaching this from the wrong angel. Does any one have any knoledge of using a packet sniffer. In that way I could see the password in plain text being sent to the server, when their mail server goes to collect the mail.

Any thoughts.

NTU

ASKER CERTIFIED SOLUTION
Avatar of heskyttberg
heskyttberg

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I understand the situation- it seems like the client *can't* change the password at the mail client end, if they could the password change would be very easy.

I would think the sniffing method would be quite easy, but the password file should be easier if you have the file.