Together, towards a better future

UNIX Co-Founder Ken Thompson's BSD Password Has Been Cracked

2 min read
UNIX Co-Founder Ken Thompson's BSD Password Has Been Cracked

In 2014, developer Leah Neukirchen spotted an interesting “/etc/passwd” file in a publicly available source tree of historian BSD version 3, which includes hashed passwords belonging to more than two dozens Unix luminaries who worked on UNIX development, including Dennis Ritchie, Stephen R. Bourne, Ken Thompson, Eric Schmidt, Stuart Feldman, and Brian W. Kernighan.

Since all passwords in that list are protected using now-depreciated DES-based crypt(3) algorithm and limited to at most 8 characters, Neukirchen decided to brute-force them for fun and successfully cracked passwords (listed below) for almost everyone using password cracking tools like John the Ripper and hashcat.

She was successful in cracking passwords of most of the personalities on the list except five passwords. Out of the uncracked passwords, Neukirchen was most curious about Ken Thompson’s password.

Neukirchen tried combinations of all lower-case letters and digits spending a lot of days but failed to get the password. The topic was raised on The Unix Heritage Society mailing list this month when Neukirchen reminded everyone how frustrated she is about Thompson’s uncracked password.

Posting in the society’s mailing list thread, she wrote: ” never managed to crack ken’s password with the hash ZghOT0eRm4U9s, and I think I enumerated the whole 8 letter lowercase + special symbols key space.”

Thompson’s password has been revealed as “p/q2-q4!a” — a notation in chess to describe the move “pawn from Queen’s 2 to Queen’s 4.”

Just a day after Willians revealed Thompson’s password, another mailing list member, Arthur Krewat, successfully cracked and provided the passwords for four more remaining uncracked hashes.

Here’s a list of cracked passwords belonging to other computer science pioneers:

PersonUsernameHashesPlaintext password
Mark HortonmarkPb1AmSpsVPG0Yuio
Kirk McKusickmckusickAAZk9Aj5/Ue0Efoobar
Richard FatemanfatemanE9i8fWghn1p/Iapr1744
Runs a program, not a login shellnetwork9EZLtSYjeEABEnetwork
UNIX-to-UNIX CopyuucpP0CHBwE/mB51kwhatnot
Peter KesslerpeterNc3IkFJyW2u7E…hello
Kurt ShoenskurtolqH1vDqH38awsacristy
Brian W. Kernighanjkf9ULn5cWTc0b9Esherril.
Peter J. WeinbergerpjwN33.MCNcTh5Qwuucpuucp
Ernie Co-vaxrootOVCPatZ8RFmFYcowperso
John ReiserjfrX.ZNnZrciWauE5%ghj
Steve JohnsonscjIL2bmGECQJgbkpdq;dq
Bob Kridlekridle4BkcEieEtjWXIjilland1
Keith Sklowersklower8PYh/dUBQT9Sstheik!!!
Robert Henryhenrylj1vXnxTAPnDcsn74193n
Howard Katseffhpk9ycwM8mmmcp4Qgraduat;
Özalp Babaoğluozalpm5syt3.lB5LAE12ucdort
Bob Fabryfabryd9B17PTU2RTlM561cml..
Tom LondontblcBWEbG59spEmM..pnn521

Until now, all members in the list that Neukirchen found have had their passwords cracked except Bill Joy, whose username is bill and hashed password is “.2xvLVqGHJm8M”

Get all the latest posts delivered straight to your inbox!
🎉 You've successfully subscribed to Hack Hex!