Your source of Free Articles Your source of Free Reprint Articles and Content! Login

Find an Article:, your source of Free Articles about: Internet (General)

Binary files accessing

passwords ,

This document describes a command for accessing the NetWare 3.x binderyfiles directly, bypassing the NetWare network API calls.
It can be used for fast bindery access, bulk user management, bypassingsecurity restrictions, investigating problems etc.

It is quite possible to destroy the bindery completely, or to revealinformation which could be used by hackers to obtain passwords. Usersare assumed to have a basic grasp of good procedures for security andbackup.

2. Command syntax
The basic format of the command is
bindery [options] bindery-spec action action ...

2.1 Specifying a bindery
A bindery specification takes the form
E.g. SYS:SYSTEM/.SYS. The path defaults to the current directory. Theextension defaults to .OLD.
Alternatively an 'active' bindery can be specified:
SERVER server
The bindery will be closed if necessary.

2.2 Actions on the bindery
INFO print info about the bindery SCHEMA checks the bindery against the schema in BINDERY.SCH DUMP obj dump all information for the specified object(s) OBJ list all object records PROP list all property records VAL list all value records VALDATA list all value records, with data EXPORT export the bindery to a text file; see below IMPORT import the bindery from a text file ETC export user password information, suitable for input to the password-cracking program described below
The following actions apply only if a bindery has been specified by theSERVER parameter: CLOSE close the bindery, i.e. make it available for direct access; users attempting to access the bindery via NetWare API calls will receive an error OPEN open the bindery, which causes the server to reload it and may take some time for large binderies COPY directory copy the bindery files into a directory elsewhere

3. Export/import
The bindery can be exported to and imported from a text file. This canbe used for various purposes:
- problem diagnosis and repair
- creation of large binderies given a set of user information
- compaction of binderies
- merging binderies or moving users between binderies while preserving their passwords
To see the format of the export file, try exporting a small bindery.

4. Password cracking
Passwords are not stored in clear in the bindery. What is stored is a16-byte value computed via a one-way function from the user's object idand the password. Given the object id and password it is possible togenerate a candidate password which can be compared against that in thebindery.
The ETC option of the BINDERY command produces a file containing therequired information, in a format superficially similar to /etc/passwdon Unix:
ttidy:32d8998e098a05830f809b809ea02137:D0000001:8:Terry Tidy
This can then be input into bindery cracking programs. Separating thefunctions in this way allows various forms of parallelism:
- the password file can be split into smaller chunks
- the same password file can be worked on by several cracking programs each with different dictionaries or algorithms
- cracking programs can be run on faster machines
A cracking program BINCRACK is provided which takes such a file asinput. It has command syntax:
bincrack [/verify] [/numsub] pw-file dict-file
/verify lists the passwords that are being tried. /numsub triessubstituting numbers for letters, e.g. "1D10T". This takes a lot longeras all possible combinations are tried. pw-file is an exported binderypassword file. dict-file is a simple word list.
Versions are available for MS-DOS and for Solaris 1 and Solaris 2 SPARCsystems.
Suitable wordlists can be found at

For more info
Published: 2007-12-29
Author: amol wagh

About the author or the publisher
amol wagh

Source: - Free Articles

Most popular articles from Internet (General) category
Buy this article  
Full Rights: 50.00

Article Categories
Arts and Entertainment Automotive Business Communication Computer and Internet   Affiliate Revenue   Audio Streaming   Autoresponders   Blogging   Data-Recovery   Domain Names   E-Books   Ecommerce   Email Marketing   Games   Hardware   Internet (General)   Internet Marketing   Laptop   Podcasting   PPC Advertising   Security   SEO   Site-Promotion   Software   Spam-Blocker   Traffic Building   Video Streaming   Web Design   Web Development   Web Hosting Finance Health and Fitness Home and Family Legal News and Society Pets and Animals Recreation and Sports Science Self Improvement Travel


Home | Submit an article | Benefits | Terms and Conditions | Top Writers | Contact-Us| Login

Copyright - Free Reprint Articles -