Tuesday, January 31, 2012

Privilege Escalation Part 2: Cracking Passwords With John The Ripper

Now I will try to crack the password that I got in my previous article. I use the John The Ripper tool in my BackTrack 5 R1.
John the Ripper is a free password cracking software tool. Initially developed for the UNIX operating system, it currently runs on fifteen different platforms (11 architecture-specific flavors of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of the most popular password testing/breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others.
John The Ripper is located in Apps -> Privilege Escalation -> Password Attacks -> Offline Attacks -> John The Ripper.

If you want to see the manual for this tool, just type the command help in the tool and its manual will appear like the picture below.
Ok, the first step to crack the password is to copy the result that we got from /etc/shadow into a text editor, save it with the extension .txt, and then put that file inside the directory /root/pentest/password/john. I saved it with the name password.txt.
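Before handing the copied shadow lines to john, it is worth checking what each account's password field actually contains: an empty field, a locked account, a legacy DES hash and a modern sha512crypt hash all look like "a line in /etc/shadow" but mean very different things for the cracking session. The script below is an added example (not from the original post) that labels each entry the way john's hash autodetection would; the sample shadow lines are constructed and their hash bodies are placeholders, not real digests.

```python
import re
# crypt(3) "$id$" prefixes to algorithm names (glibc / libxcrypt ids).
CRYPT_IDS = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
             "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")   # legacy DES crypt: 13 chars, no "$"
HASH_LABELS = set(CRYPT_IDS.values()) | {"descrypt"}
# Constructed sample (hash bodies are placeholders, not real digests).
SHADOW_SAMPLE = """\
root:$6$Tf1r8kOq$CONSTRUCTED/HASH.BODY:15370:0:99999:7:::
alice:$1$Zz3pQl9x$CONSTRUCTED.MD5.BODY:15370:0:99999:7:::
bob:abCDefGhIjKl1:15370:0:99999:7:::
carol::15370:0:99999:7:::
daemon:*:15370:0:99999:7:::
eve:!$5$Ab12Cd34$CONSTRUCTED.BODY:15370:0:99999:7:::
sync:!!:15370:0:99999:7:::
"""

def classify_hash(field: str) -> str:
    """Label the password field of one shadow entry."""
    if field == "":
        return "empty"                   # login needs no password at all
    if field in ("*", "!", "!!"):
        return "locked"                  # nothing stored to crack
    if field.startswith("!"):
        # passwd -l just prefixes "!": the old hash is still there
        return "locked:" + classify_hash(field[1:])
    if field.startswith("$"):
        return CRYPT_IDS.get(field.split("$")[1], "unknown")   # "$6$salt$hash" -> "6"
    if DES_RE.match(field):
        return "descrypt"
    return "unknown"

def parse_shadow(text: str) -> list:
    """Return [(user, label), ...] for each well-formed line of a shadow file."""
    entries = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 2 or fields[0].startswith("#"):
            continue                     # blank, comment or malformed line
        entries.append((fields[0], classify_hash(fields[1])))
    return entries

def crackable(entries: list) -> list:
    """Users whose field holds a real hash that john can actually work on."""
    return [user for user, label in entries if label in HASH_LABELS]

if __name__ == "__main__":
    for user, label in parse_shadow(SHADOW_SAMPLE):
        print(f"{user:8} {label}")
```

Accounts labelled empty are a finding on their own without any cracking, and a locked entry that still carries a hash means the old password can still be tested even though the account cannot log in.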

There are 3 modes in John The Ripper to crack passwords:

1. Single mode: in this mode, John The Ripper will try to find the weakest passwords among all the passwords.
   Syntax: john -si <passfile>
   Example: john -si password.txt
2. Wordfile mode: Wordfile mode needs a dictionary word list.
   Syntax: john -w:<wordlist> <passfile>
   Example: john -w:words.lst password.txt
3. Incremental mode: this mode is the slowest and tries to crack all of the passwords.
   There are 4 basic options in this mode:
   a. digits: will try to crack all passwords with alphanumeric characters
   b. alpha: will try to crack all passwords with different characters
   c. all: will try to crack all passwords with all characters, including special characters such as :!^&?
   d. no mode selected: will try to crack the passwords in any way

Syntax: john -i [passfile]
        john -i:DIGITS [passfile]
        john -i:ALPHA [passfile]
        john -i:ALL [passfile]

Ok, in this session I tried to use single mode, but I failed to crack the password hashes.
Then I chose the third mode to crack the passwords because I don't have a dictionary word list to use with Wordfile mode. I tried Incremental mode.
I typed the command john -i password.txt and I had to wait a long time.

If you want to stop the process, just press CTRL+C, and if you want to continue it later you can use the command john -restore.
As of writing this post, the password cracking process is still running.
