2008-02-09
cciesec2006
checking for password strength in NG/AI and NGx Administrators

Hi All,

I've been tasked to do a security audit for all of our firewall
Administrators. One of the tasks is to audit the password strength
of anyone who can log into the Provider-1 and CMAs regardless of
privileges.

Anyway, I have access to the $MDSDIR/conf/mdsdb/cp-admins.C file
and I can see all user accounts in here and the password is encrypted.
I would like to run this password through some kind of password
cracker and see how strong these passwords are because I can create
a P-1 super user with a password of "123456", which is NOT good.
This is what I see in the file:

[root@Linux-lab mdsdb]# more cp-admins.C
(
:version (6.08)
: (admin
:AdminInfo (
:chkpf_uid ("{4DD1C39A-D709-11DC-B0AE-0AFA61096565}")
:ClassName (pv1_administrator)
:table (pv1_administrators)
:LastModified (
:Time ("Sat Feb 9 12:19:47 2008")
:By (localhost)
:From (Linux-lab)
)
:icon ("Provider-1/pv1_admin")
)
:GlobalSdbReadOnly (0)
:SdbReadOnly (0)
:administrator (true)
:auth_method ("Old User Password")
:connection_state (uninitialized)
:customer_perms ()
:days (127)
:fromhour ("00:00")
:internal_password (6b846265fd68a762707f8102a2d4711f1e26f479)
:msp_perm (80000000)
:pv1_auth_server ()
:sic_name ()
:tohour ("23:59")
:type (pv1_administrator)
:vsx_provisioning (true)
)
[root@Linux-lab mdsdb]#

Anyone know how I can crack the Check Point internal password string,
in this case, 6b846265fd68a762707f8102a2d4711f1e26f479?

Any ideas?

Thanks.