How to Crack User Passwords in a Linux System
In this article, we'll look at how to grab the password hashes from a Linux system and crack the hashes using probably the most widely used password cracking tool out there, John the Ripper.
Let's boot up BackTrack and get hacking!
Where Linux Passwords Are Stored
Linux passwords are stored in the /etc/passwd file in cleartext on older systems and in the /etc/shadow file in hash form on newer systems. We should expect the passwords on anything other than old legacy systems to be stored in /etc/shadow.
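A defender-side view of the storage described above, as an added example that is not part of the original article: it reads passwd- and shadow-format lines, identifies each entry's crypt(3) scheme from its prefix, and reports entries that are exposed or use a legacy hash. The function names and the sample entries (with placeholder salts and hashes) are constructed for illustration.

```python
# Added example (not from the original page). crypt(3) prefix -> (scheme, weak?)
SCHEMES = {
    "$1$": ("md5crypt", True), "$5$": ("sha256crypt", False),
    "$6$": ("sha512crypt", False), "$y$": ("yescrypt", False),
    "$2a$": ("bcrypt", False), "$2b$": ("bcrypt", False), "$2y$": ("bcrypt", False),
}

def classify(field):
    """Return (scheme, finding) for the second field of a passwd/shadow line."""
    if field == "":
        return ("none", "EMPTY: account has no password")
    if field == "x":
        return ("shadowed", "ok: hash is kept in /etc/shadow")
    if field[0] in "!*":
        return ("locked", "ok: password login disabled")
    for prefix, (name, weak) in SCHEMES.items():
        if field.startswith(prefix):
            return (name, "WEAK: fast legacy hash" if weak else "ok")
    if not field.startswith("$"):
        return ("descrypt", "WEAK: DES-based crypt")  # no $id$ prefix
    return ("unknown", "REVIEW: unrecognised scheme")

def audit(lines, source):
    """Return [(user, scheme, finding)] for entries needing attention."""
    findings = []
    for line in lines:
        if not line.strip():
            continue
        user, field = line.split(":")[:2]
        scheme, finding = classify(field)
        # A real hash in /etc/passwd is readable by every local account.
        if source == "passwd" and scheme not in ("shadowed", "locked", "none"):
            finding = "EXPOSED: hash readable by every local user"
        if not finding.startswith("ok"):
            findings.append((user, scheme, finding))
    return findings

# Constructed sample entries; salts and hashes are placeholders, not real.
SAMPLE_SHADOW = [
    "root:$6$SALT$PLACEHOLDER:19000:0:99999:7:::",
    "user1:$1$SALT$PLACEHOLDER:19000:0:99999:7:::",
    "user2:abPLACEHOLDER:19000:0:99999:7:::",
    "daemon:*:19000:0:99999:7:::", "guest::19000:0:99999:7:::",
]
SAMPLE_PASSWD = ["root:x:0:0:root:/root:/bin/bash",
                 "legacy:$1$SALT$PLACEHOLDER:1001:1001::/home/legacy:/bin/sh"]

if __name__ == "__main__":
    for row in audit(SAMPLE_SHADOW, "shadow") + audit(SAMPLE_PASSWD, "passwd"):
        print(row)
```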
Step 1: Create Some User Accounts
Since our BackTrack system probably doesn't have many users on it other than our root account, let's go ahead and create a couple more accounts.
Let's create user1 with password "flower" and user2 with a password of "hacker".
I've purposely chosen dictionary words as the complexity of the password is inversely related to the time necessary to crack it. One of the nice features of John the Ripper is that it will try to use a dictionary attack first. If that fails, it will try a hybrid attack. And only if that fails will it attempt a brute-force attack, which is the most time-consuming.
Step 2: Open John the Ripper
Now that we have a couple of regular users in our system with simple passwords, we need to open John the Ripper. John the Ripper is a simple but powerful password cracker without a GUI (this helps to make it faster, as GUIs consume resources).
We can access it from BackTrack by going to the BackTrack button on the bottom left, then Backtrack, Privilege Escalation, Password Attacks, Offline Attacks, and finally select John the Ripper from the multiple password cracking tools available.
If you selected the correct menu item, it will open a terminal that looks like this.
By the way, feel free to close our previous terminal as we're finished with it.
Step 3: Test John the Ripper
At the prompt, type:
bt > john -test
This command will send John the Ripper through a variety of benchmark tests to estimate how long it will take to break the passwords on your system.
Your terminal will look something like this.
Now that John has estimated how long each of the encryption schemes will take to crack, let's put him to work on cracking our passwords.
Step 4: Copy the Password Files to Our Current Directory
Linux stores its passwords in /etc/shadow, so what we want to do is copy this file to our current directory along with the /etc/passwd file, then "unshadow" them and store the result in a file we'll call passwords. So, let's type both:
bt > cp /etc/shadow ./
bt > cp /etc/passwd ./
In Linux, the cp command means copy and the ./ represents our current directory. So this command says, copy the contents of /etc/shadow to my current directory. We do the same for the /etc/passwd file.
Step 5: Unshadow
Next we need to combine the information in the /etc/shadow and the /etc/passwd files, so that John can do its magic.
bt > ./unshadow passwd shadow > passwords
Step 6: Crack!
Now that we have unshadowed the critical files, we can simply let John run on our password file.
bt > john passwords
John the Ripper will proceed to attempt to crack your passwords. As you can see, it cracked all three of ours in a matter of seconds! Of course, more complex passwords will take significantly more time, but all we need is just one user with a simple password and we have access to the account in seconds.
It's also important to note that any password cracker is only as good as its word list. For more complex or hybrid passwords, you probably want to use a password list containing far more passwords, including hybrid passwords such as "p@$$w0rd" that combine special characters into words.
We'll be doing more password cracking among numerous other hacks, so keep coming back!
And if you have any questions, feel free to comment below.