Hello All,
I have an application user (INFORMIX). This is a system user. It runs processes That I am unaware of. I need to discover the user's password. I can't change it, because it will affect the processes it's runnig. Is there a utility that will allow me to 'su' to that user from root and print out the password in plain text?
i don't beleive there is a utility to do what you ask. There is a program(s) named crack that will attempt to crack the passwd, but it is an exhaustive password cracker and takes time and may not crack the encryption. Processes already running will not be affected by a passwd change. in fact, informix can be a locked user if the database is started by the rc scripts.
Passwords are never decrypted on unix, but rather, a system call is made to a function and the string you enter as the password gets encrypted, and compared to the encrypted password. If they match, you're in. Now, there are password hackers, but they donot decrypt the password file, but rather, encrypt words from a dictionary and try them against every account (by crypting/comparing) until it finds
a match.
as 98_1LE suggest use 'crack' or 'John The Ripper'
The UNIX password encryption algorithm is a 'one way' mathematical function. 'One way' means there is encryption, but no decryption possible. As MIB and 98 say, the only way to search for passwords is to encrypt passwords and compare them to the encrypted string.
This is why picking simple dictionary words as passwords is weak, because password cracking programs use an internal dictionary to encrypt and compare.
One way passwords, BTW, has limited long term usefulness. With computing power and storage prices dropping, there will come a time in the near future when it is possible for people to encrypt all possible combinations (with the salt) and query the database directly with the encrypted string. With an 8 token limitation, this is becoming closer to reality each year.