|
A few Unix password hackers
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
/* Found and distributed by Sauron
* This file contains two unix password hackers, found on a local
* system. Apparently they were written for sysops to test their
* systems - and that's all we're doing, right?
*/
/* pverify - A Unix System Password Security Checker
*
* This procedure is intended for those who are concerned
* about password security. As more Unix applications, notably
* uucp and sendmail, are made more secure, the weak link in
* system security remains the user-chosen password.
*
* This program reports on users whose passwords are "suspect":
* too easily guessable.
*
* Usage (on Berkeley Unix)
* cc -O pverify.c -o pverify
* nohup nice -20 pverify > p.out &
* chmod 600 p.out
* /etc/renice 20 -p `ps aux | egrep "[0-9] pverify | awk '{print $2}'
*
* Monitor progress with: tail -f 100 p.out
*/
#include <stdio.h>
#include <pwd.h>
#include <sys/types.h>
#include <sys/times.h>
#include <sys/param.h>
#define MAXWORD 30
char *crypt();
char fname[80];
char storage[64];
char pass[64];
struct passwd *getpwent();
struct passwd *pptr;
char reduced[40], two[3];
char notreduced[40];
FILE *fp;
char *fgets();
char word[MAXWORD];
main(argc,argv)
int argc;
char **argv;
{
register i;
int usercnt,found,crypts;
long tim;
struct tms clock1,clock2;
usercnt = found = crypts = 0;
fp = fopen("/usr/dict/words","r");
pptr = getpwent();
times(&clock1);
while (pptr != NULL) {
usercnt++;
printf("Investigating user %s\n",pptr->pw_name); fflush(stdout);
strcpy(notreduced,pptr->pw_passwd);
for (i = 0; i < strlen(pptr->pw_passwd); i++) {
if (i >= 2)
reduced[i-2] = pptr->pw_passwd[i];
if (i < 2)
two[i] = pptr->pw_passwd[i];
}
while (fgets(word,MAXWORD,fp) != NULL) {
word[strlen(word)-1] = NULL;
if (strlen(word) >= 6) { /* check only words of right length */
if (strcmp(crypt(word,two),notreduced) == 0) {
printf("\t*** %s %s ***\n",pptr->pw_name,word);
found++;
}
crypts++;
}
}
fseek(fp,0,0);
pptr = getpwent();
}
times(&clock2);
endpwent();
printf("Statistics: Found %d in %d users (%3.1f%%)\n",
found,usercnt,((float)found/(float)usercnt)*100.0);
tim = (float)(clock2.tms_utime+clock2.tms_stime -
clock1.tms_utime-clock1.tms_stime) / (float)HZ;
printf("Statistics: Time used: %d, Crypts: %d, Time per crypt: %4.2f\n",
tim, crypts, tim / (float)crypts);
}
-------------------cut here------------------------------------------
#include <stdio.h>
#include <pwd.h>
#include <ctype.h>
/*
* Warning: this program burns a lot of cpu.
*/
/*
* Insecure - find accounts with poor passwords
Date: Tue, 29 Nov 83 18:19:32 pst
From: leres%ucbarpa@Berkeley (Craig Leres)
Modified by Seth Alford, Roger Southwick, Steve Dum, and
Rick Lindsley for Tektronix
*/
/*
* $Log: pwchkr.c,v $
* Revision 1.1 85/09/10 16:00:56 root
* Initial revision
*
*
* By default, this program only checks for accounts with passwords the same
* as the login name. The following options add more extensive checking. (The
* tradeoff is cpu time -- with all options enabled it can run into the 100's
* of MINUTES.) Any argument that does not begin with a "-" is assumed to be
* a file name. (A single '-' means stdin.) If no file name is given,
* /etc/passwd is used.
*
* Options:
*
* -v: verbose -- list all guesses on stdout
* -u: output the username on the line of the password file
* currently being checked. If the program stops
* abruptly you will then know how far it got.
* -w file: use the list of words contained in "file" as likely
* passwords. Words in the file are one to a line.
* -b: check all guesses backwards too
* -g: use the Full Name portion of the gecos field to
* generate more guesses
* -s: check the single letters a-z, A-Z, 0-9 as passwords
* -c: with each guess, check for all-lowercase and
* all-uppercase versions too.
* -n: complain about null passwords (default is to keep quiet)
* -p: print the password when guessed
*/
int verbose = 0, singles = 0, backwards = 0, checkgecos = 0, checkcase = 0,
chknulls = 0, printit = 0, users = 0, chkwords = 0;
char *index(),*reverse();
long atol();
FILE *fopen();
char *fgets();
char PASSWD[] = "/etc/passwd";
char EMPTY[] = "";
static FILE *pwf = NULL, *wlf = NULL;
char line[BUFSIZ+1];
char *Curpw, *Wordlist = NULL;
main(argc, argv)
char **argv;
{
register int i;
register char *arg;
int onedone = 0;
for (i = 1; i < argc; i++)
if ((arg = argv[i]) && *arg == '-')
while (*++arg) {
switch (*arg) {
case 'n':
/*
* complain about null passwords
*/
chknulls++;
break;
case 'c':
/*
* check cases
*/
checkcase++;
break;
case 'g':
/*
* use gecos
*/
checkgecos++;
break;
case 'v':
/*
* turn on motormouth
*/
verbose++;
break;
case 'b':
/*
* check all attempts forwards and backwards
*/
backwards++;
break;
case 's':
/*
* carry out a more intensive search, checking for
* single letter passwords
*/
singles++;
break;
case 'p':
/*
* print out the password when found
*/
printit++;
break;
case 'u':
/*
* print out users as testing
*/
users++;
break;
case 'w':
/*
* consult word list of likely passwords
*/
if ((Wordlist = argv[i+1]) == NULL) {
fprintf(stderr,
"%s: No file supplied with -w option\n",
argv[0]);
exit (1);
}
argv[i+1] = NULL;
break;
case '\0':
/*
* read from stdin
*/
break;
default:
fprintf(stderr,
"%s: unknown option '%c'. Options are:\n",argv[0],
*arg);
/* FALL THRU */
case '-':
fprintf(stderr,"-v:\t\tverbose -- list all guesses on stdout\n");
fprintf(stderr,"-u:\t\toutput the username currently being checked\n");
fprintf(stderr,"-w file:\tconsult the indicated file for words to check as p\n");
fprintf(stderr,"-b:\t\tcheck all guesses forwards and backwards\n");
fprintf(stderr,"-g:\t\tuse the Full name portion of the gecos field for more\n");
fprintf(stderr,"-s:\t\tcheck the single letters a-z, A-Z, 0-9 as passwords\n fprintf(stderr,"-c:\t\tcheck the all-upper and all-lower case version of eacesn)
fprintf(stderr,"-n:\t\tcomplain about null passwords\n");
fprintf(stderr,"-p:\t\tprint the password when guessed\n");
exit(1);
}
argv[i] = NULL;
}
for (i = 1; i < argc; i++) {
if (argv[i] == NULL) continue;
onedone++;
if (*(argv[i]) == '-') {
/*
* read from stdin; we'll cheat and set pwf directly
*/
pwf = stdin;
chkpw();
/*
* don't fclose stdin!
*/
clearerr(stdin);
}
else {
if (setpwent(argv[i])) {
perror(argv[i]);
continue;
}
Curpw = argv[i];
chkpw();
endpwent();
}
}
if (!onedone) {
Curpw = NULL;
chkpw();
}
exit(0);
}
#define ARB_CONST 100
chkpw()
{
register char *cp, *cp2;
register struct passwd *pwd;
struct passwd *getpwent();
char guess[100];
char *wordarray[ARB_CONST];
char *malloc(), **wordptr, **endptr;
int done = 0;
if (Wordlist)
{
if ((wlf = fopen(Wordlist,"r")) == NULL)
{
perror(Wordlist);
exit(1);
}
wordptr = wordarray;
/*
* note that endptr points to space OUTSIDE of wordarray
*/
endptr = wordarray + (sizeof(wordarray)/sizeof(char *));
while (fscanf(wlf,"%[^\n]\n",guess) != EOF)
{
if (wordptr == endptr)
{
fprintf(stderr,"Ran out of wordlist space. ARB_CONST %d must be too small.\n", ARB_C exit(1);
}
if ((*wordptr = malloc(1+strlen(guess))) == NULL)
{
fprintf(stderr,"malloc: no more memory for wordlist\n");
exit (1);
}
strcpy(*wordptr,guess);
wordptr++;
}
*wordptr = NULL;
}
while ((pwd = getpwent()) != 0 ) {
if (verbose || users) {
if (Curpw == NULL)
printf("\t%s \"%s\"\n", pwd->pw_name, pwd->pw_gecos);
else
printf("%s -- \t%s \"%s\"\n", Curpw, pwd->pw_name,
pwd->pw_gecos);
fflush(stdout);
}
if (*pwd->pw_passwd == '\0') {
if (chknulls) {
if (Curpw == NULL)
printf("Problem: null passwd:\t%s\tshell: %s\n",
pwd->pw_name, pwd->pw_shell);
else
printf("%s -- Problem: null passwd:\t%s\tshell: %s\n",
Curpw, pwd->pw_name, pwd->pw_shell);
fflush(stdout);
}
continue;
}
/*
* Try the user's login name
*/
if (uandltry(pwd,pwd->pw_name))
continue;
/*
* Try names from the gecos field
*/
if (checkgecos) {
strcpy(guess, pwd->pw_gecos);
cp = guess;
if (*cp == '-') cp++; /* special gecos field */
if ((cp2 = index(cp, ';')) != NULL)
*cp2 = '\0';
for (;;) {
if ((cp2 = index(cp, ' ')) == NULL) {
if (uandltry(pwd,cp)) done++;
break;
}
*cp2 = '\0';
if (uandltry(pwd,cp)) {
done++;
break;
}
cp = ++cp2;
}
}
if (!done && Wordlist)
{
/*
* try the words in the wordlist
*/
wordptr = wordarray;
while (endptr != wordptr)
{
if (*wordptr == NULL)
break;
if (uandltry(pwd,*wordptr++))
{
done++;
break;
}
}
}
if (!done && singles) {
/*
* Try all single letters
* (try digits too . --Seth)
*/
guess[1] = '\0';
for (guess[0]='a'; guess[0] <= 'z'; guess[0]++)
if (try(pwd,guess))
break;
for (guess[0]='A'; guess[0] <= 'Z'; guess[0]++)
if (try(pwd,guess))
break;
for (guess[0]='0'; guess[0] <= '9'; guess[0]++)
if (try(pwd,guess))
break;
}
}
}
/*
* Stands for "upper and lower" try. Calls the "real" try, below,
* with the supplied version of the password, and with
* an upper and lowercase version of the password. If the user doesn't
* want to try upper and lower case then we just return after the one
* check.
*/
uandltry (pwd,guess)
char *guess;
struct passwd *pwd;
{
register char *cp;
char buf[100];
int alllower, allupper;
alllower = allupper = 1;
if (try(pwd,guess) || (backwards && try(pwd,reverse(guess)))) return (1);
if (!checkcase) return(0);
strcpy (buf, guess);
cp = buf-1;
while (*++cp) {
if (isupper(*cp))
alllower = 0;
if (islower(*cp))
allupper = 0;
}
if (!allupper) {
for ( cp=buf; *cp != '\0'; cp++)
if (islower (*cp))
*cp += 'A' - 'a';
if (try(pwd,buf) || (backwards && try(pwd,reverse(buf)))) return (1);
}
if (!alllower) {
for ( cp = buf; *cp != '\0'; cp++)
if (isupper (*cp))
*cp += 'a' - 'A';
if (try(pwd,buf) || (backwards && try(pwd,reverse(buf)))) return (1);
}
return (0);
}
try(pwd,guess)
char *guess;
register struct passwd *pwd;
{
register char *cp;
char *crypt ();
if (verbose) {
if (Curpw == NULL)
printf ("Trying \"%s\" on %s\n", guess, pwd -> pw_name);
else
printf ("%s -- Trying \"%s\" on %s\n", Curpw, guess,
pwd -> pw_name);
fflush (stdout);
}
if (! guess || ! *guess) return(0);
cp = crypt (guess, pwd -> pw_passwd);
if (strcmp (cp, pwd -> pw_passwd))
return (0);
if (Curpw == NULL)
if (printit)
printf ("Problem: Guessed:\t%s\tshell: %s passwd: %s\n",
pwd -> pw_name, pwd -> pw_shell, guess);
else
printf ("Problem: Guessed:\t%s\tshell: %s\n", pwd -> pw_name,
pwd -> pw_shell);
else
if (printit)
printf ("%s -- Problem: Guessed:\t%s\tshell: %s passwd: %s\n",
Curpw, pwd -> pw_name, pwd -> pw_shell, guess);
else
printf ("%s -- Problem: Guessed:\t%s\tshell: %s\n",
Curpw, pwd -> pw_name, pwd -> pw_shell);
fflush (stdout);
return (1);
}
/* end of PW guessing program */
#define MAXUID 0x7fff /* added by tonyb 12/29/83 */
/* altered to a reasonable number - mae 8/20/84 */
/*
* Add a parameter to "setpwent" so I can override the file name.
*/
setpwent(file)
char *file;
{
if ((pwf = fopen(file,"r")) == NULL)
return(1);
return(0);
}
endpwent()
{
fclose(pwf);
pwf = NULL;
}
char *
pwskip(p)
register char *p;
{
while(*p && *p != ':' && *p != '\n')
++p;
if(*p == '\n')
*p = '\0';
else if(*p)
*p++ = '\0';
return(p);
}
struct passwd *
getpwent()
{
static struct passwd passwd;
register char *p;
long x;
if(pwf == NULL)
if (setpwent(PASSWD)) {
perror(PASSWD);
return(NULL);
}
p = fgets(line, BUFSIZ, pwf);
if(p == NULL)
return(0);
passwd.pw_name = p;
p = pwskip(p);
passwd.pw_passwd = p;
p = pwskip(p);
x = atol(p);
passwd.pw_uid = (x < 0 || x > MAXUID)? (MAXUID+1): x;
p = pwskip(p);
x = atol(p);
passwd.pw_gid = (x < 0 || x > MAXUID)? (MAXUID+1): x;
passwd.pw_comment = EMPTY;
p = pwskip(p);
passwd.pw_gecos = p;
p = pwskip(p);
passwd.pw_dir = p;
p = pwskip(p);
passwd.pw_shell = p;
(void) pwskip(p);
p = passwd.pw_passwd;
return(&passwd);
}
/*
* reverse a string
*/
char *reverse(str)
char *str;
{
register char *ptr;
register int len;
char *malloc();
if ((ptr = malloc((len = strlen(str))+1)) == NULL)
return(NULL);
ptr += len;
*ptr = '\0';
while (*str && (*--ptr = *str++))
;
return(ptr);
}
char *index(ptr,c)
char c,*ptr;
{
while (*ptr != c) {
if (*ptr++ == '\0') return((char *)0L);
}
return(ptr);
}
/*
* This program implements the
* Proposed Federal Information Processing
* Data Encryption Standard.
* See Federal Register, March 17, 1975 (40FR12134)
*/
/*
* Initial permutation,
*/
static char IP[] = {
58,50,42,34,26,18,10, 2,
60,52,44,36,28,20,12, 4,
62,54,46,38,30,22,14, 6,
64,56,48,40,32,24,16, 8,
57,49,41,33,25,17, 9, 1,
59,51,43,35,27,19,11, 3,
61,53,45,37,29,21,13, 5,
63,55,47,39,31,23,15, 7,
};
/*
* Final permutation, FP = IP^(-1)
*/
static char FP[] = {
40, 8,48,16,56,24,64,32,
39, 7,47,15,55,23,63,31,
38, 6,46,14,54,22,62,30,
37, 5,45,13,53,21,61,29,
36, 4,44,12,52,20,60,28,
35, 3,43,11,51,19,59,27,
34, 2,42,10,50,18,58,26,
33, 1,41, 9,49,17,57,25,
};
/*
* Permuted-choice 1 from the key bits
* to yield C and D.
* Note that bits 8,16... are left out:
* They are intended for a parity check.
*/
static char PC1_C[] = {
57,49,41,33,25,17, 9,
1,58,50,42,34,26,18,
10, 2,59,51,43,35,27,
19,11, 3,60,52,44,36,
};
static char PC1_D[] = {
63,55,47,39,31,23,15,
7,62,54,46,38,30,22,
14, 6,61,53,45,37,29,
21,13, 5,28,20,12, 4,
};
/*
* Sequence of shifts used for the key schedule.
*/
static char shifts[] = {
1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1,
};
/*
* Permuted-choice 2, to pick out the bits from
* the CD array that generate the key schedule.
*/
static char PC2_C[] = {
14,17,11,24, 1, 5,
3,28,15, 6,21,10,
23,19,12, 4,26, 8,
16, 7,27,20,13, 2,
};
static char PC2_D[] = {
41,52,31,37,47,55,
30,40,51,45,33,48,
44,49,39,56,34,53,
46,42,50,36,29,32,
};
/*
* The C and D arrays used to calculate the key schedule.
*/
static char C[28];
static char D[28];
/*
* The key schedule.
* Generated from the key.
*/
static char KS[16][48];
/*
* Set up the key schedule from the key.
*/
setkey(key)
char *key;
{
register i, j, k;
int t;
/*
* First, generate C and D by permuting
* the key. The low order bit of each
* 8-bit char is not used, so C and D are only 28
* bits apiece.
*/
for (i=0; i<28; i++) {
C[i] = key[PC1_C[i]-1];
D[i] = key[PC1_D[i]-1];
}
/*
* To generate Ki, rotate C and D according
* to schedule and pick up a permutation
* using PC2.
*/
for (i=0; i<16; i++) {
/*
* rotate.
*/
for (k=0; k<shifts[i]; k++) {
t = C[0];
for (j=0; j<28-1; j++)
C[j] = C[j+1];
C[27] = t;
t = D[0];
for (j=0; j<28-1; j++)
D[j] = D[j+1];
D[27] = t;
}
/*
* get Ki. Note C and D are concatenated.
*/
for (j=0; j<24; j++) {
KS[i][j] = C[PC2_C[j]-1];
KS[i][j+24] = D[PC2_D[j]-28-1];
}
}
}
/*
* The E bit-selection table.
*/
static char E[48];
static char e[] = {
32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9,10,11,12,13,
12,13,14,15,16,17,
16,17,18,19,20,21,
20,21,22,23,24,25,
24,25,26,27,28,29,
28,29,30,31,32, 1,
};
/*
* The 8 selection functions.
* For some reason, they give a 0-origin
* index, unlike everything else.
*/
static char S[8][64] = {
14, 4,13, 1, 2,15,11, 8, 3,10, 6,12, 5, 9, 0, 7,
0,15, 7, 4,14, 2,13, 1,10, 6,12,11, 9, 5, 3, 8,
4, 1,14, 8,13, 6, 2,11,15,12, 9, 7, 3,10, 5, 0,
15,12, 8, 2, 4, 9, 1, 7, 5,11, 3,14,10, 0, 6,13,
15, 1, 8,14, 6,11, 3, 4, 9, 7, 2,13,12, 0, 5,10,
3,13, 4, 7,15, 2, 8,14,12, 0, 1,10, 6, 9,11, 5,
0,14, 7,11,10, 4,13, 1, 5, 8,12, 6, 9, 3, 2,15,
13, 8,10, 1, 3,15, 4, 2,11, 6, 7,12, 0, 5,14, 9,
10, 0, 9,14, 6, 3,15, 5, 1,13,12, 7,11, 4, 2, 8,
13, 7, 0, 9, 3, 4, 6,10, 2, 8, 5,14,12,11,15, 1,
13, 6, 4, 9, 8,15, 3, 0,11, 1, 2,12, 5,10,14, 7,
1,10,13, 0, 6, 9, 8, 7, 4,15,14, 3,11, 5, 2,12,
7,13,14, 3, 0, 6, 9,10, 1, 2, 8, 5,11,12, 4,15,
13, 8,11, 5, 6,15, 0, 3, 4, 7, 2,12, 1,10,14, 9,
10, 6, 9, 0,12,11, 7,13,15, 1, 3,14, 5, 2, 8, 4,
3,15, 0, 6,10, 1,13, 8, 9, 4, 5,11,12, 7, 2,14,
2,12, 4, 1, 7,10,11, 6, 8, 5, 3,15,13, 0,14, 9,
14,11, 2,12, 4, 7,13, 1, 5, 0,15,10, 3, 9, 8, 6,
4, 2, 1,11,10,13, 7, 8,15, 9,12, 5, 6, 3, 0,14,
11, 8,12, 7, 1,14, 2,13, 6,15, 0, 9,10, 4, 5, 3,
12, 1,10,15, 9, 2, 6, 8, 0,13, 3, 4,14, 7, 5,11,
10,15, 4, 2, 7,12, 9, 5, 6, 1,13,14, 0,11, 3, 8,
9,14,15, 5, 2, 8,12, 3, 7, 0, 4,10, 1,13,11, 6,
4, 3, 2,12, 9, 5,15,10,11,14, 1, 7, 6, 0, 8,13,
4,11, 2,14,15, 0, 8,13, 3,12, 9, 7, 5,10, 6, 1,
13, 0,11, 7, 4, 9, 1,10,14, 3, 5,12, 2,15, 8, 6,
1, 4,11,13,12, 3, 7,14,10,15, 6, 8, 0, 5, 9, 2,
6,11,13, 8, 1, 4,10, 7, 9, 5, 0,15,14, 2, 3,12,
13, 2, 8, 4, 6,15,11, 1,10, 9, 3,14, 5, 0,12, 7,
1,15,13, 8,10, 3, 7, 4,12, 5, 6,11, 0,14, 9, 2,
7,11, 4, 1, 9,12,14, 2, 0, 6,10,13,15, 3, 5, 8,
2, 1,14, 7, 4,10, 8,13,15,12, 9, 0, 3, 5, 6,11,
};
/*
* P is a permutation on the selected combination
* of the current L and key.
*/
static char P[] = {
16, 7,20,21,
29,12,28,17,
1,15,23,26,
5,18,31,10,
2, 8,24,14,
32,27, 3, 9,
19,13,30, 6,
22,11, 4,25,
};
/*
* The current block, divided into 2 halves.
*/
static char L[32], R[32];
static char tempL[32];
static char f[32];
/*
* The combination of the key and the input, before selection.
*/
static char preS[48];
/*
* The payoff: encrypt a block.
*/
encrypt(block, edflag)
char *block;
{
int i, ii;
register t, j, k;
/*
* First, permute the bits in the input
*/
for (j=0; j<64; j++)
L[j] = block[IP[j]-1];
/*
* Perform an encryption operation 16 times.
*/
for (ii=0; ii<16; ii++) {
/*
* Set direction
*/
if (edflag)
i = 15-ii;
else
i = ii;
/*
* Save the R array,
* which will be the new L.
*/
for (j=0; j<32; j++)
tempL[j] = R[j];
/*
* Expand R to 48 bits using the E selector;
* exclusive-or with the current key bits.
*/
for (j=0; j<48; j++)
preS[j] = R[E[j]-1] ^ KS[i][j];
/*
* The pre-select bits are now considered
* in 8 groups of 6 bits each.
* The 8 selection functions map these
* 6-bit quantities into 4-bit quantities
* and the results permuted
* to make an f(R, K).
* The indexing into the selection functions
* is peculiar; it could be simplified by
* rewriting the tables.
*/
for (j=0; j<8; j++) {
t = 6*j;
k = S[j][(preS[t+0]<<5)+
(preS[t+1]<<3)+
(preS[t+2]<<2)+
(preS[t+3]<<1)+
(preS[t+4]<<0)+
(preS[t+5]<<4)];
t = 4*j;
f[t+0] = (k>>3)&01;
f[t+1] = (k>>2)&01;
f[t+2] = (k>>1)&01;
f[t+3] = (k>>0)&01;
}
/*
* The new R is L ^ f(R, K).
* The f here has to be permuted first, though.
*/
for (j=0; j<32; j++)
R[j] = L[j] ^ f[P[j]-1];
/*
* Finally, the new L (the original R)
* is copied back.
*/
for (j=0; j<32; j++)
L[j] = tempL[j];
}
/*
* The output L and R are reversed.
*/
for (j=0; j<32; j++) {
t = L[j];
L[j] = R[j];
R[j] = t;
}
/*
* The final output
* gets the inverse permutation of the very original.
*/
for (j=0; j<64; j++)
block[j] = L[FP[j]-1];
}
char *
crypt(pw,salt)
char *pw;
char *salt;
{
register i, j, c;
int temp;
static char block[66], iobuf[16];
for(i=0; i<66; i++)
block[i] = 0;
for(i=0; (c= *pw) && i<64; pw++){
for(j=0; j<7; j++, i++)
block[i] = (c>>(6-j)) & 01;
i++;
}
setkey(block);
for(i=0; i<66; i++)
block[i] = 0;
for(i=0;i<48;i++)
E[i] = e[i];
for(i=0;i<2;i++){
c = *salt++;
iobuf[i] = c;
if(c>'Z') c -= 6;
if(c>'9') c -= 7;
c -= '.';
for(j=0;j<6;j++){
if((c>>j) & 01){
temp = E[6*i+j];
E[6*i+j] = E[6*i+j+24];
E[6*i+j+24] = temp;
}
}
}
for(i=0; i<25;"[V-)jR�$H� encrypt(block,0);
for(i=0; i<11; i++){
c = 0;
for(j=0; j<6; j++){
c <<= 1;
c |= block[6*i+j];
}
c += '.';
if(c>'9') c += 7;
if(c>'Z') c += 6;
iobuf[i+2] = c;
}
iobuf[i+2] = 0;
if(iobuf[1]==0)
iobuf[1] = iobuf[0];
return(iobuf);
}
|
|
