Difference between revisions of "johntheripper mini howto"
From thelinuxwiki
(Created page with " == cracking passwords == simple crack on single user "admin" in password file using default john word list and settings # john --users=admin --session=mycrack /etc/pas...") |
|||
| Line 8: | Line 8: | ||
simple crack on single user "admin" in password file using default john word list and settings | simple crack on single user "admin" in password file using default john word list and settings | ||
| − | # john --users=admin --session=mycrack /etc/passwd | + | # '''john --users=admin --session=mycrack /etc/passwd''' |
the password file must include the password hashes | the password file must include the password hashes | ||
| + | crack using specified word list | ||
| + | |||
| + | # '''john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd''' | ||
| + | Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x]) | ||
| + | abc123 (admin) | ||
| + | guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 | ||
| + | Use the "--show" option to display all of the cracked passwords reliably | ||
== crack status == | == crack status == | ||
| − | # john --status=mycrack | + | # '''john --status=mycrack''' |
== shadow files == | == shadow files == | ||
| Line 23: | Line 30: | ||
example | example | ||
| − | # unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow | + | # '''unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow''' |
[[category:hacking]] | [[category:hacking]] | ||
Revision as of 05:43, 7 June 2014
cracking passwords
simple crack on single user "admin" in password file using default john word list and settings
# john --users=admin --session=mycrack /etc/passwd
the password file must include the password hashes
crack using specified word list
# john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x]) abc123 (admin) guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 Use the "--show" option to display all of the cracked passwords reliably
crack status
# john --status=mycrack
shadow files
if the system you are trying to crack passwords on uses the /etc/shadow file to store password hashes (very likely), then use john's unshadow utility to construct / consolidate the /etc/passwd and /etc/shadow into one file for cracking
example
# unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow
