Previously, I tested this using the SSH command on multiple kindles. My Touch has /usr/local copied from the diags partition. I know that the passwords on all my kindles (multple K3s, DX, DXG, multiple K4NT, and Touch) are all either mario or fionaXXX (3 hex digits), because I cracked them all using John the Ripper.
On the K4NT and Touch, when I SSH in I can type extra characters after the 8 character password. On K3 and earlier using the SSH hack, I cannot type extra characters.
This time I tried using the "login" command to test passwords in an SSH session on the Touch. I found that "login" from a command prompt does not accept extra characters, but SSH does.
I also tried changing my touch root password to "123456789". Now the login command requires the full 9 characters. SSH also required all 9 characters. Then I changed it to "12345678". The login command only worked with 8 characters, and SSH only works with 8 characters.
I also tried changing the password back to my original fionaXXX password, and it only worked as 8 characters. The shadow file does not match my original backup copy even with the same password. It is probably using a salt.
I then changed my root password to the 9 character computed fionaXXXX password, and only 9 characters works.
So, there is something special about default passwords, that allows extra characters to be appended to them. User created passwords are sensitive to length.
I copied my original shadow file back, and now I can type optional extra characters after fionaXXX.
Perhaps the different behavior has something to do with salted or unsalted password hashes, or it uses a different hash encryption type. Whatever the ORIGINAL uses only cares about the first 8 characters.
Last edited by geekmaster; 02-13-2012 at 12:58 PM.
|