Subject RE: [IB-Architect] The Borland Back Door
Author Jim Starkey
At 02:38 PM 1/11/01 +0100, Tobias Giesen wrote:
>> Which means you can connect to the ISC4.GDB and read
>> the USERS table, including encrypted copies of all the
>> passwords.
>How are they encrypted? Has the source code of the encryption been
>published? Probably dead easy to decrypt them using code from open-source

It uses the standard Unix crypt() function. Crypt uses the 7
low order bits of the key and a given salt to generate a DES
key which encrypts a known string. The Linux man pages suggests
that if you're planning to use crypt(), get a book on encryption
and use something better.

Jim Starkey