i have a acronis image tib file with password. But i forgot password and I remember there were 7 characters. How can i find password? Do you know any password cracker. Like brute force attack? Thank you
Related
I want to add password to Redis.
I interested if there is a way to save encrypted password in redis.conf and not as plain text?
Or a way not to store the password in redis.conf at all?
By default redis.conf atleast until today with its most recent version - 6.0.1 still doesnt support encrypting a password.
While this is a situation is not fully avoidable, at the best, you can automate this by writing a wrapper startup script that would accept password as an argument and bring up the service. And then, once the service is up, ALTHOUGH THIS IS TO BE AVOIDED AND IS NOT RECOMMENDED you can delete the conf file or change the password in that file. and, before the startup of REDIS, you would require to run the startup script again/ re-enter the original password. BUT THIS CAN ADDITIONALY CAUSE PROBLEMS.
Please note -> redis.conf can be secured by linux/OS permissions and thats the best way to do so
No Redis doesn't support encrypted password for auth. You may check the details in official documentation
The password is set by the system administrator in clear text inside the redis.conf file. It should be long enough to prevent brute force attacks.
Additionally;
The AUTH command, like every other Redis command, is sent unencrypted, so it does not protect against an attacker that has enough access to the network to perform eavesdropping.
You may use config set requirepass yourpassword to set password and this will not require a server restart but set it on-fly, but when the server is restarted your previous password(written in conf file)/no password(if it is not set) will be used to authenticate requests.
Well while encryption is till now not an option, Redis 6 introduced ACL (Access Control List) where you can store your SHA256-hashed passwords in the redis.conf file.
Please note that this not an Encryption though!
From redis-cli:
acl setuser yourUser on #951249c8e32817cb0727ba2b1440f008c49c582e5daca4a0bd6d64eed1291a37
From redis.conf
user yourUser on #951249c8e32817cb0727ba2b1440f008c49c582e5daca4a0bd6d64eed1291a37
Additional note:
You may need to disable the default user which does not have a password:
From redis-cli:
acl setuser default off
From redis.conf
user default off
So I have a password that my password manager overwrote, and I self host the server (NextCloud) and I would like to know if it is possible to revert the hashed password with the salt key I have, I heard NextCloud uses Argon2i when using PHP 7.0 and later (and I'm running PHP 7.0 or later) so is it possible to revert my password back to it's original state and put it back into the password manager (Sorry I'm a bit of a noob when it comes to dehashing/decrypting passwords because I've never needed to dehash/decrypt my passwords before)
Edit: If I were to provide my argon'd password, could someone crack it or better yet tell me how to crack it, based on the mysql database it seems to have the parameters used to make the password by argon (probably to de-argon it to check if the password is actually correct)
This is a very specific solution but in the event that you are using nextcloud and you have access to the account when losing your password, just download all the files, make a new account and upload them to that account and delete the old account
Please help me to restore or change my Splunk enterprise password. I forgot Splunk username and password and I don't want to reinstall it cause I am having my data on it. So please help me to crack it. I tried all available ways which I got in google search, But nothing works.
Splunk doesn't disclose their encryption algorithm.
There is an established procedure for "recovering" the admin password. Stop Splunk and rename the $SPLUNK_HOME/etc/passwd file. Start Splunk and sign in using the default password. Change your password. If you have no other users, you are done. If you do have other users, stop Splunk, copy the encrypted password from $SPLUNK_HOME/etc/passwd to the passwd file you renamed earlier. Put the renamed file back in its original name and location, then start Splunk.
LDAP server = CA DXserver r12.0 (build 6484) Linux/DXgrid 64-Bit
I am trying to edit the userPassword attribute in the users section. I am able to enter a new SSHA password and also verify it. Once entered the userPassword shows as SSHA Hashed Password as expected.
However while editing, if I choose a SSHA-256 / SSHA-384 or a SSHA-512 as the hash method, the userPassword attribute shows as a SHA Hashed Password and the password verification also fails.
I am using Apache Directory Studio eclipse plugin for testing this out.
Is there any other configuration that is required at the LDAP server level to make this work?
Thanks in Advance
Charlie
Usually, the password hashing algorithm is configured on the server side. The server will either accept a password already hashed with the appropriate algorithm, or will hash using its configured algorithm any password that it considers as not hashed. My guess is that CA server doesn't recognize the SSHA-2 hashed passwords as properly hashed. This said, I don't have experience with CA Directory specifically.
Sorry for my bad English, but if you can help my it will be great.
I have couple of file system over my network and every night I need to take one file from another file system to mine.
for that to happen i'm using a Batch script how mapping me the drive with net use command.
my problem is that i don't want the password will go through clear text
( To see my password or to sniff it).
my questions is :
there is any way that i can encrypt my password and still login with the same credentials.
Thank You
If you can set up a Domain controller using either one of your Windows machines, or Samba, then you could use Trusted authentication based on the user executing the scheduled job that executes the batch file.
Alternately, you could encrypt the password and have a program decrypt it and execute the net use, but you're always* going to be faced with the fact that if your computer can send the password out when you don't type it in, then your computer knows your password, and anyone with physical access to that computer can get your password.
*Unless your computer doesn't know the password, and instead relies on an HSM (Hardware Security Module).
I had the same thing but found a nice workaround.
The passwords are not stored in DOS so I went from the run menu and simply typed the name of the path like "\server\files".
When it asked for credentials I ticked the checkbox "Save credentials"
The password will then be stored in your Windows Credential Manager (control panel) and this way your dos batch file fwill always now the password.