Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!ira.uka.de!fauern!faui43.informatik.uni-erlangen.de!richter
From: richter@immd4.informatik.uni-erlangen.de (Joachim Richter)
Newsgroups: comp.unix.wizards
Subject: Re: Hacking and "Amateurism"
Message-ID: <1991Apr16.121218.6603@informatik.uni-erlangen.de>
Date: 16 Apr 91 12:12:18 GMT
References: <1991Mar26.015635.23103@mintaka.lcs.mit.edu> <1991Mar26.163720.28379@en.ecn.purdue.edu> <1991Mar27.041126.9886@news.miami.edu> <1916@hpwala.wal.hp.com> <JASON.91Apr10225530@lancelot.cs.odu.edu>
Reply-To: richter@medusa.UUCP ()
Organization: CSD., University of Erlangen, Germany
Lines: 23

In article <JASON.91Apr10225530@lancelot.cs.odu.edu> jason@cs.odu.edu (Jason "dedos" Austin) writes:
>	
>	It's not too hard to show that it is possible to decode a
>password.  Every time the same salt and the same password is run
>through the crypt function, the same code comes out. 
>(It would have to
>or the thing wouldn't work at all) At the worst case, an exhaustive
>table from coded to decoded passwords woul; give right answers.  Even
>if the relation is not 1-1 and each code has more than one possible
>decoding, any of the valid decodings would let you log in.  Of course,
>this would be quite a large table to calculate considering all the
>permutations.
>--
>Jason C. Austin
>jason@cs.odu.edu


Right. Of course you can do that.
You can also, for a given object file, find the source code,
that, when compiled, gives that object code that way. No problem.
Maybe it will take a while - some millions of years or so.
But, since the number of source codes, that give the same object code
is infinite, your chance is not so bad :-)