Difference between revisions of "johntheripper mini howto"
(Created page with " == cracking passwords == simple crack on single user "admin" in password file using default john word list and settings # john --users=admin --session=mycrack /etc/pas...") |
(→cracking passwords) |
||
| (9 intermediate revisions by one user not shown) | |||
| Line 8: | Line 8: | ||
simple crack on single user "admin" in password file using default john word list and settings | simple crack on single user "admin" in password file using default john word list and settings | ||
| − | # john --users=admin --session=mycrack /etc/passwd | + | # '''john --users=admin --session=mycrack /etc/passwd''' |
the password file must include the password hashes | the password file must include the password hashes | ||
| + | crack using specified word list | ||
| + | |||
| + | # '''john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd''' | ||
| + | Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x]) | ||
| + | abc123 (admin) | ||
| + | guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 | ||
| + | Use the "--show" option to display all of the cracked passwords reliably | ||
| + | |||
| + | (this test wordlist was just one word with a known password of abc123 for admin) | ||
== crack status == | == crack status == | ||
| − | # john --status=mycrack | + | to view status of an ongoing session |
| + | john --status=''<session_name>'' | ||
| + | |||
| + | example | ||
| + | # '''john --status=mycrack''' | ||
| + | |||
| + | == showing successfully cracked password == | ||
| + | |||
| + | john will report successfully guesses to stdout as in the example above. but, if you backgrounded or closed you terminal and want to view it after the fact... then john records them in $HOME/.john/john.pot. this file is not human readable. to view contents run... | ||
| + | |||
| + | john --show ''<path_to_cracked_passwd_file>'' | ||
| + | |||
| + | # '''john --show /etc/passwd''' | ||
| + | admin:abc123:0:0::/home/admin:/bin/bash | ||
| + | 1 password hash cracked, 0 left | ||
== shadow files == | == shadow files == | ||
| Line 23: | Line 46: | ||
example | example | ||
| − | # unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow | + | # '''unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow''' |
[[category:hacking]] | [[category:hacking]] | ||
Latest revision as of 05:53, 7 June 2014
Contents |
cracking passwords
simple crack on single user "admin" in password file using default john word list and settings
# john --users=admin --session=mycrack /etc/passwd
the password file must include the password hashes
crack using specified word list
# john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x]) abc123 (admin) guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 Use the "--show" option to display all of the cracked passwords reliably
(this test wordlist was just one word with a known password of abc123 for admin)
crack status
to view status of an ongoing session
john --status=<session_name>
example
# john --status=mycrack
showing successfully cracked password
john will report successfully guesses to stdout as in the example above. but, if you backgrounded or closed you terminal and want to view it after the fact... then john records them in $HOME/.john/john.pot. this file is not human readable. to view contents run...
john --show <path_to_cracked_passwd_file>
# john --show /etc/passwd admin:abc123:0:0::/home/admin:/bin/bash 1 password hash cracked, 0 left
shadow files
if the system you are trying to crack passwords on uses the /etc/shadow file to store password hashes (very likely), then use john's unshadow utility to construct / consolidate the /etc/passwd and /etc/shadow into one file for cracking
example
# unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow
