IBM Mainframe Forum

Hi Floks,

I have extracted RACF database (SYS1.RACFDS) to a flat file using IRRIDB00 utility program. I see Record type 200 indicates TSO segment information. when i obseverd record type 220 for a userid in the flat file for a PASSWORD i didn't get the location where the password starts & ends(the password is in encrypted via DES algoritham).

Could you please let me know where the PASSWORD stored( in which record type) (or) Am i following the correct method to get the password location (or) it is not possible to see encrypted password in RACF database.

I would appreciate your help!!!.

Thx,
XY09

XY09 wrote:I have extracted RACF database (SYS1.RACFDS) to a flat file using IRRIDB00 utility program. I see Record type 200 indicates TSO segment information. when i obseverd record type 220 for a userid in the flat file for a PASSWORD i didn't get the location where the password starts & ends(the password is in encrypted via DES algoritham).

Could you please let me know where the PASSWORD stored( in which record type) (or) Am i following the correct method to get the password location (or) it is not possible to see encrypted password in RACF database.

I would appreciate your help!!!.

And why would you want to know this? So that you can use a dictionary attack?

Your skillset contains just Cobol,Jcl,Db2,Vsam, CICS and IMS DB, which makes your request very, very suspicious - people who actually deal with RACF issues would never have posted the above...

• The password in the RACF database in encrypted. You cannot see it in plain text.
• The password is not stored in the TSO segment.

Passwords are not included in IRRDBU00 output. Passwords are not stored in clear text the RACF database. What is stored in the user profile in the database is a hash value created using the DES algorithm with the USERID as data and the password as the encryption key. RACF does not provide a means of unencrypting the password. To obtain the hash value, you will need to read the RACF database, perhaps by using Assembly Macros such as RACROUTE REQUEST=EXTRACT or ICHEINTY.

Thanks for the update. I always know the password was not in clear text and that it was not possible to translate it to clear text, but did not know this additional info, like the password area was not in the IRRDBU00 output.