[BusyBox 0000604]: passwd doesn't use salt with md5 passwords

bugs at busybox.net
Mon Dec 19 13:43:53 UTC 2005


A NOTE has been added to this issue. 
====================================================================== 
http://busybox.net/bugs/view.php?id=604 
====================================================================== 
Reported By:                taviso
Assigned To:                BusyBox
====================================================================== 
Project:                    BusyBox
Issue ID:                   604
Category:                   Security
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     assigned
====================================================================== 
Date Submitted:             12-19-2005 02:30 PST
Last Modified:              12-19-2005 05:43 PST
====================================================================== 
Summary:                    passwd doesn't use salt with md5 passwords
Description: 
md5 encrypted passwords are usually generated using

crypt("password", "$1$SALT");

where SALT is some random characters, however the busybox passwd command
seems to use

crypt("password", "$1$"); (ie, no salt).

====================================================================== 

---------------------------------------------------------------------- 
 taviso - 12-19-05 05:43  
---------------------------------------------------------------------- 
obviously not using a salt is a bad idea as rainbow tables have been
demonstrated as an effective attack against unsalted passwords.

The fix is easy enough, just construct a salt that concatenates "$1$" and
crypt_make_salt() (/loginutils/passwd.c) 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
12-19-05 02:30  taviso         New Issue                                    
12-19-05 02:30  taviso         Status                   new => assigned     
12-19-05 02:30  taviso         Assigned To               => BusyBox         
12-19-05 05:43  taviso         Note Added: 0000800                          
======================================================================
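
Added example, not part of the original report and not BusyBox code: the fix the note describes, written as a C helper that builds a "$1$" setting with 8 random salt characters, plus an audit check that flags md5-crypt password fields with an empty salt by their "$1$$" prefix. The function names and the use of /dev/urandom are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Alphabet crypt(3) accepts for salt characters: 64 symbols, 6 bits each. */
static const char SALT_CHARS[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

#define MD5_SALT_LEN 8  /* md5-crypt uses at most 8 salt characters */

/* Hypothetical helper: write "$1$" plus 8 random salt characters into out.
 * Returns 0 on success, -1 if the buffer is too small or no randomness
 * could be read (never fall back to an empty or fixed salt). */
int make_md5_setting(char *out, size_t outlen)
{
    unsigned char rnd[MD5_SALT_LEN];
    FILE *f;
    size_t i;

    if (outlen < 3 + MD5_SALT_LEN + 1)
        return -1;
    f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    if (fread(rnd, 1, sizeof rnd, f) != sizeof rnd) {
        fclose(f);
        return -1;
    }
    fclose(f);

    memcpy(out, "$1$", 3);
    for (i = 0; i < MD5_SALT_LEN; i++)
        out[3 + i] = SALT_CHARS[rnd[i] & 0x3f];  /* 256 % 64 == 0: no bias */
    out[3 + MD5_SALT_LEN] = '\0';
    return 0;
}

/* Hypothetical audit check for a shadow password field: an md5-crypt hash
 * is "$1$<salt>$<hash>", so an empty salt shows up as the prefix "$1$$". */
int md5_field_is_unsalted(const char *field)
{
    return strncmp(field, "$1$$", 4) == 0;
}

int main(void)
{
    char setting[16];
    if (make_md5_setting(setting, sizeof setting) != 0)
        return 1;
    printf("setting to pass to crypt(): %s\n", setting);
    return 0;
}
```

Entries flagged by the audit check need a password change to pick up a salt; the stored hash cannot be re-salted in place.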