The shadowing used on passwords can only be worked one way. You never work the encrypted password to retrieve the plaintext password, you always work the plaintext password to retrieve the shadow.

That said, you don't need "THE" password, just "A" password that yields the same value when shadowed (of course, for our purposes, we'll assume that these are the same).

Of course, this is far from impossible, and of course, knowing the salt gets you PART of the way there, as was already commented, but you gotta have the salt expressed somewhere so the shadow can be worked again in order to get the encrypted text to test the password against. An afternoon running John the Ripper will show you JUST how secure older algorithms are against NEWER processors, of course, the goal of encryption is generally not to permanently obscure data, just to make it hard enough that it's obscured for long enough.

Of course, you can always just use a different algorithm.

Just Another Perl Backpacker

---

---

• Are you posting in the right place? Check out Where do I post X? to know for sure.
• Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:

  <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>

• Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
• Want more info? How to link or How to display code and escape characters are good places to start.