Forum users crack old passwords of Unix founders

Spread the love

An internet historian has found and cracked the passwords of the first Unix founders with the help of a forum. Leah Neukirchen managed to find the password hashes of the pioneers in the source tree of an early Unix variant.

Leah Neukirchen found the password hashes in version 3 of BSD, Ars Technica writes. The findings can be found on the Unix Heritage Society mailing list. The hashes of that time, which were encrypted with Descrypt, are now easy to crack. At its debut in 1979, Descrypt was one of the best and most modern encryption techniques. Today, hacking software has become so sophisticated that cracking Descrypt hashes is a piece of cake.

Neukirchen found the hashes in a 1980 version of BSD distributed by the University of California at Berkeley. Remarkably, the password files were simply included in the operating system’s public source code. Cracking the passwords turned out to be quite simple by using Descrypt. This is partly due to the simple passwords the users chose; in early versions of BSD, software limitations allowed only passwords of up to eight characters to be used.

For example, the co-inventor of BSD, Dennis MacAlistair Ritchie, used the password “dmac.” The password of Stephen R. Bourne, creator of the Bourne shell command line interpreter, was ‘bourne’. An early developer of Unix software, Eric Schmidt, chose ‘wendy!!!’, his wife’s name. Until recently, Eric Schmidt was a board member at Alphabet, the parent company of Google. Stuart Feldman used ‘axolotl’, the name of a salamander species. Feldman published the Unix build automation tool Make, which automatically creates executable files from source codes.

One who worked on Unix, Brian W. Kernighan, used ‘/.,/.,’ as the password. These characters are next to each other on a keyboard. Neukirchen was unable to crack all the passwords himself. These include the passwords of Unix developer Howard Katseff, computer scientist Özalp Babaoğlu and Unix contributors Tom London and Bob Fabry. Neukirchen also failed to crack the password of one of Unix’s co-inventors, Ken Thompson.

Using Hashcat cracking software, it took four days to decipher the passwords with a Vega 64 GPU from AMD, which runs at an average hashrate of 930MH/s, Ars Technica writes. This means that the software tries 930 million password combinations per second. Neukirchen submitted a request for help to readers of the Unix Heritage Society mailing list for the latest hashes. A few hours later, the last four hashes were deciphered by other users. Katseff used ‘graduat;’, Fabry had ‘561cml..’ as password, London used ‘..pnn521′ and Babaoğlu’s password was ’12ucdort’.

Even Ken Thompson’s password was cracked and was by far the most complicated password: ‘p/q2-q4!’ Forum users write that this is an English descriptive notation for an opening move in a game of chess, Ars Technica reports.

Ken Thompson (seated) and Dennis Ritchie. Photo by Magnus Manske via Wikimedia. Licensed under CC BY-SA 2.0

You might also like