What is the password of Ken Thompson, the father of Unix, who was broken after 5 years?
by
Ken Thompson , an American computer scientist, is also known for developing UNIX , an operating system often used for servers. Mr. Thompson gave a compliment when it was revealed that the password used by Mr. Thompson was finally broken through over five years after the discovery of the encrypted file.
leah blogs: Ken Thompson's Unix password
https://leahneukirchen.org/blog/archive/2019/10/ken-thompson-s-unix-password.html
Father of Unix Ken Thompson checkmated as his old password has finally been cracked • The Register
https://www.theregister.co.uk/2019/10/09/ken_thompsons_old_unix_password_cracked/
2014, rear-Neukirchen's engineers is a hacker friend of Mr. Thompson, a group of developers of the University of California, Berkeley is a software group that has been developed and distributed BSD had been stored in the distribution page of the '/ etc / I found an old file from the source tree 'passwd'.
I was interested in the passwords used by legendary engineers such as Thompson, Dennis Richie , Brian Carnihan , Steven Bourne , Bill Joy , and others who worked on UNIX development with Thompson. Mr. Neukirchen started analyzing the hash code contained in the file.
Ken Thompson (left) and Dennis Richie (right).
by public domain
At the time when Thompson was developing UNIX, the algorithm called DES- based crypt (3 ) was vulnerable to a maximum of 8 characters, so Mr. Neukirchen expects to know the password immediately. did.
In fact, Neukirchen was able to easily identify 20 hash code / password combinations. The combinations of hash codes and passwords that Neukirchen found are as follows.
gfVwhuAMF0Trw: dmac
Pb1AmSpsVPG0Y: uio
ymVglQZjbWYDE: /.,/.,
c8UdIntIZCUIA: bourne
AAZk9Aj5 / Ue0E: foobar
E9i8fWghn1p / I: apr1744
IIVxQSvq1V9R2: axolotl
9EZLtSYjeEABE: network
P0CHBwE / mB51k: whatnot
Nc3IkFJyW2u7E: ... hello
olqH1vDqH38aw: sacristy
9ULn5cWTc0b9E: sherril.
N33.MCNcTh5Qw: uucpuucp
FH83PFo4z55cU : wendy !!!
OVCPatZ8RFmFY: cowperso
X.ZNnZrciWauE: 5% ghj
IL2bmGECQJgbk: pdq; dq
4BkcEieEtjWXI: jilland1
8PYh / dUBQT9Ss : theik !!!
lj1vXnxTAPnDc: sn74193n
In the password, you can see the name of one of the developers, Bourne, and simple words such as “network” and “hello”. However, only five passwords including the hash code 'ZghOT0eRm4U9s' that Mr. Thompson used are difficult to solve.
Mr. Neukirchen thoroughly checked the combination of lowercase letters and numbers over several days because other developers used lowercase letters that could be entered easily with the keyboard, but eventually the password could not be broken through did. For this reason, but 'Mr. Thompson capitalization and or not than with a special character?' Now to think that, when you search per total to uppercase or special characters, the latest GPU because it takes, even seven years, Abandon the analysis. We asked for support from hackers using the mailing list.
While Neukirchen's hackers were all trying to analyze, Australian engineer Nigel Williams finally succeeded in breaking Thompson's password. Mr. Williams in the 'I beat Mr. Thompson of Thompson's hash code and password combination is' ZghOT0eRm4U9s: p / q2-q4 is '.!' Mailing list and has declared .
At first glance, “p / q2-q4!” Looks like a mathematical formula, but in fact this is an old notation that represents the movement of a piece in a chess game . It means ' Pawns in the line move forward 2 squares '.
This hand, called “ Queen's Pawn Opening ”, can dominate the center of the board at the beginning of the game, so it is one of the most commonly used hands, not only as a software developer but as a computer chess player It can be said that this password is unique to Mr. Thompson.
According to Williams, the analysis of this password was done over 4 days using AMD's ' Radeon RX Vega 64 ' and analysis software hashcat .
Mr. Thompson, who knew this on the mailing list, replied 'Congratulations' and rewarded Williams for his work.
Related Posts:
