Return to Answer

typo

Source Link

edited Aug 27, 2021 at 1:05

6.9k
1
25
27

Any privileged (UID=0) program can read /etc/shadow, retrieving both the encrypted password and the encryption algorithm for a given user.

The program uses the encryption algorithm to encrypt the password-to-be-tested. If the two encrypted passwords match, so do the two passwords, if they don't match, the passwords don't either, anand no information about the actual password is leaked.

Any privileged (UID=0) program can read /etc/shadow, retrieving both the encrypted password and the encryption algorithm for a given user.

The program uses the encryption algorithm to encrypt the password-to-be-tested. If the two encrypted passwords match, so do the two passwords, if they don't match, the passwords don't either, an no information about the actual password is leaked.

Any privileged (UID=0) program can read /etc/shadow, retrieving both the encrypted password and the encryption algorithm for a given user.

The program uses the encryption algorithm to encrypt the password-to-be-tested. If the two encrypted passwords match, so do the two passwords, if they don't match, the passwords don't either, and no information about the actual password is leaked.

Source Link

answered Aug 26, 2021 at 3:43

waltinator

6.9k
1
25
27

Any privileged (UID=0) program can read /etc/shadow, retrieving both the encrypted password and the encryption algorithm for a given user.

The program uses the encryption algorithm to encrypt the password-to-be-tested. If the two encrypted passwords match, so do the two passwords, if they don't match, the passwords don't either, an no information about the actual password is leaked.