1What is the password for the user Ashok in the shadow file

1.What is the password for the user Ashok in the shadow file? If you could not decrypt it, why do you believe it was difficult/impossible to decrypt? If you did decrypt it, what is the tool you used; the sequence of commands you executed; and why it was easy/possible to crack?

5. What is the password for the user Shelly in the shadow file? If you could not decrypt it, why do you believe it was difficult/impossible to do it? If you did decrypt it, what is the tool you used; the sequence of commands you executed; and why it was easy/possible to crack? SHADOW FILE CONTENTS Ashok:$1$sDiWKGmv$Mwlr2VTkNYGCh2t1Ihw/U1:16335:0:99999:7:::

John:$1$MVzHNoFG$bAVv/YnfgiKsIsJAg8N6B/:16335:0:99999:7:::

Kelly:$1$FIXR2eQY$hMKO39.3Mm.jPxe55OI3y/:16335:0:99999:7:::

Acm:$1$lOu4OQe5$ArdrZ2KbiCcDZxA95gywO0:16335:0:99999:7:::

Andrew:$1$fppSYIwG$vKRPqssM89Ml8sP7UGvA70:16335:0:99999:7:::

Mac:$1$.Q0J2Iyo$l9.r8DEgpPilfMZbQLJEm1:16335:0:99999:7:::

Shelly:$1$4lNL.D/r$eS6v926laXXLzNxwDCIXh/:16335:0:99999:7:::

Sandy:$1$jdKXpFCT$3/bbvmXLcZxHJQsUkD2Cu1:16335:0:99999:7:::

Brian:$1$yjN6xNaf$haadDXsnPerqfX55ibA9E1:16335:0:99999:7:::

Pavol:$1$ng/7j2M7$6j14p3zJMApaYeYti8WVR.:16335:0:99999:7:::

Solution

Answer-

The shadow file stores actual password in encrypted format for user’s account with additional properties related to user password i.e. it stores secure user account information. All fields are separated by a colon (:) symbol. It contains one entry per line for each user.

The shadow file fields contains the username, the encrypted password, the days since Jan 1,1970 the password was last changed, the minimum no. of days the password must be left unchanged, the maximum no. of days the password is valid, warning no. of days before password expiry, number of days after expiry before disabling the account and the absolute days since Jan 1, 1970 the account was disabled.

a. Here, Ashok:$1$sDiWKGmv$Mwlr2VTkNYGCh2t1Ihw/U1:16335:0:99999:7:::

Ashok is username and $1$sDiWKGmv$Mwlr2VTkNYGCh2t1Ihw/U1 is encrypted password. $1 numerical number tell\'s that MD5 hashing algorithm is used and the field between second and third $ is salt value(random data generated to combine with original password) i.e. sDiWKGmv. This salt helps prevent against dictionary attacks and helps prevent cascades from brute force attacks. Therefore the password cannot be decrypted easily.

b. In Shelly:$1$4lNL.D/r$eS6v926laXXLzNxwDCIXh/:16335:0:99999:7:::

Shelly is the username and $1$4lNL.D/r$eS6v926laXXLzNxwDCIXh/ is encrypted password. $1 numerical number tell\'s that MD5 hashing algorithm is used and the field between second and third $ is salt value(random data generated to combine with original password) i.e. 4lNL.D/r. This salt helps prevent against dictionary attacks and helps prevent cascades from brute force attacks. Therefore the password cannot be decrypted easily.