This is an untested theory, but I don’t see why it wouldn’t work. Anyone who wants to prove it either way is very welcome to comment on the matter below.

Ok. Say you have the following exerpt from an /etc/shadow file:

root:awac7eQv2CT0g:12685:0:10000::::
billybob:$7$b1XHzqR5$RJxOyHRAix2rVmtXyHkLikmnod.z94P6vSL1h8ZeUdY/urvOvkvJjg2hn/J0r90YAdAA8HedGIPR2D7.zIzJS0:14438:0:99999:7:::

Both passwords in clear text are “uncrackable”. Here is where the trick comes into it. We use the weakness in LM hashes to crack the password (as long as it’s under 15 characters of course). We do this by slamming the password into our system, installing SAMBA, and telling it to use our UNIX users/pass combos for authenitcation. Then we use the LM cracking method of choice, and you get the clear text password.

Using one cracking method to crack other encryptions. Again, just a theory as I haven’t tested it, but I don’t see why this wont work. I would say it’s about time for you to start using 15+ character passwords if you haven’t already.

Merry Christmas!