Difference between revisions of "johntheripper mini howto"
From thelinuxwiki
(→cracking passwords) |
|||
| Line 12: | Line 12: | ||
the password file must include the password hashes | the password file must include the password hashes | ||
| − | crack using specified word list | + | crack using specified word list... |
# '''john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd''' | # '''john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd''' | ||
Revision as of 05:44, 7 June 2014
cracking passwords
simple crack on single user "admin" in password file using default john word list and settings
# john --users=admin --session=mycrack /etc/passwd
the password file must include the password hashes
crack using specified word list...
# john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x]) abc123 (admin) guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 Use the "--show" option to display all of the cracked passwords reliably
crack status
# john --status=mycrack
shadow files
if the system you are trying to crack passwords on uses the /etc/shadow file to store password hashes (very likely), then use john's unshadow utility to construct / consolidate the /etc/passwd and /etc/shadow into one file for cracking
example
# unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow
