Difference between revisions of "johntheripper mini howto"
From thelinuxwiki
(→crack status) |
|||
Line 23: | Line 23: | ||
to view status of an ongoing session | to view status of an ongoing session | ||
− | ''john --status=<session_name> | + | ''john --status=<session_name>'' |
example | example |
Revision as of 05:50, 7 June 2014
Contents |
cracking passwords
simple crack on single user "admin" in password file using default john word list and settings
# john --users=admin --session=mycrack /etc/passwd
the password file must include the password hashes
crack using specified word list...
# john --users=admin --wordlist=/var/tmp/wordlist.txt /etc/passwd Loaded 1 password hash (FreeBSD MD5 [128/128 SSE2 intrinsics 12x]) abc123 (admin) guesses: 1 time: 0:00:00:00 DONE (Sat Jun 7 00:35:56 2014) c/s: 3.33 trying: abc123 Use the "--show" option to display all of the cracked passwords reliably
crack status
to view status of an ongoing session
john --status=<session_name>
example
# john --status=mycrack
showing successfully cracked password
john will report successfully guesses to stdout as in the example above. but, if you backgrounded or closed you terminal and want to view it after the fact... then john records them in $HOME/.john/john.pot. this file is not human readable. to view contents run...
# john --show <path_to_cracked_passwd_file>
# john --show /etc/passwd
shadow files
if the system you are trying to crack passwords on uses the /etc/shadow file to store password hashes (very likely), then use john's unshadow utility to construct / consolidate the /etc/passwd and /etc/shadow into one file for cracking
example
# unshadow /etc/passwd /etc/shadow > /var/tmp/passwd-shadow