Difference between revisions of "johntheripper mini howto"
(→cracking passwords) |
|||
(6 intermediate revisions by one user not shown) | |||
Line 12: | Line 12: | ||
the password file must include the password hashes | the password file must include the password hashes | ||
− | crack using specified word list | + | crack using specified word list |
# '''john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd''' | # '''john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd''' | ||
Line 19: | Line 19: | ||
guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 | guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 | ||
Use the "--show" option to display all of the cracked passwords reliably | Use the "--show" option to display all of the cracked passwords reliably | ||
+ | |||
+ | (this test wordlist was just one word with a known password of abc123 for admin) | ||
== crack status == | == crack status == | ||
to view status of an ongoing session | to view status of an ongoing session | ||
− | + | john --status=''<session_name>'' | |
example | example | ||
Line 32: | Line 34: | ||
john will report successfully guesses to stdout as in the example above. but, if you backgrounded or closed you terminal and want to view it after the fact... then john records them in $HOME/.john/john.pot. this file is not human readable. to view contents run... | john will report successfully guesses to stdout as in the example above. but, if you backgrounded or closed you terminal and want to view it after the fact... then john records them in $HOME/.john/john.pot. this file is not human readable. to view contents run... | ||
− | + | john --show ''<path_to_cracked_passwd_file>'' | |
# '''john --show /etc/passwd''' | # '''john --show /etc/passwd''' | ||
+ | admin:abc123:0:0::/home/admin:/bin/bash | ||
+ | 1 password hash cracked, 0 left | ||
== shadow files == | == shadow files == |
Latest revision as of 05:53, 7 June 2014
Contents |
cracking passwords
simple crack on single user "admin" in password file using default john word list and settings
# john --users=admin --session=mycrack /etc/passwd
the password file must include the password hashes
crack using specified word list
# john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x]) abc123 (admin) guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 Use the "--show" option to display all of the cracked passwords reliably
(this test wordlist was just one word with a known password of abc123 for admin)
crack status
to view status of an ongoing session
john --status=<session_name>
example
# john --status=mycrack
showing successfully cracked password
john will report successfully guesses to stdout as in the example above. but, if you backgrounded or closed you terminal and want to view it after the fact... then john records them in $HOME/.john/john.pot. this file is not human readable. to view contents run...
john --show <path_to_cracked_passwd_file>
# john --show /etc/passwd admin:abc123:0:0::/home/admin:/bin/bash 1 password hash cracked, 0 left
shadow files
if the system you are trying to crack passwords on uses the /etc/shadow file to store password hashes (very likely), then use john's unshadow utility to construct / consolidate the /etc/passwd and /etc/shadow into one file for cracking
example
# unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow