Eikonal Blog

2010.05.25

John the Ripper

Filed under: infosec — Tags: , , , , , — sandokan65 @ 15:16

Places

Simple dictionary-based cracking

For Linux systems, the hashed passwords are contained in the /etc/shadow file. To use John the ripper, one needs both that file and /etc/passwd.

  • Unshadowing:
    ./unshadow.exe passwd.txt shadow.txt > passwd-unshadowed.txt
  • To run John against the unshadowed password file passwdFile-unshadowed.txt using the predefined word-list mywords.lst, run
    following:
    ./john.exe –wordlist=mywords.lst passwd-unshadowed.txt
  • To see the cracked passwords run:
    ./john.exe –show passwdFile-unshadowed.txt
  • and to save that file:
    ./john.exe –show passwdFile-unshadowed.txt > passwdFile-cracked.txt

Articles


Related here: Default passwords, wordlist and Rainbow tables – https://eikonal.wordpress.com/2010/03/29/default-passwords/ | Passwords cracking – https://eikonal.wordpress.com/2010/01/06/password-crackers/

Create a free website or blog at WordPress.com.