johntheripper mini howto

From thelinuxwiki
Revision as of 05:44, 7 June 2014 by Nighthawk (Talk | contribs)

Jump to: navigation, search



cracking passwords

simple crack on single user "admin" in password file using default john word list and settings

# john --users=admin --session=mycrack /etc/passwd

the password file must include the password hashes

crack using specified word list...

# john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd
Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x])
abc123       (admin)
guesses: 1  time: 0:00:00:00 DONE (Sat Jun  7 00:35:56 2014)  c/s: 3.33  trying: abc123
Use the "--show" option to display all of the cracked passwords reliably

crack status

# john --status=mycrack

shadow files

if the system you are trying to crack passwords on uses the /etc/shadow file to store password hashes (very likely), then use john's unshadow utility to construct / consolidate the /etc/passwd and /etc/shadow into one file for cracking

example

# unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow