Training session 1: John the Ripper
Difficulty: Extremely Easy
Learn to use this tool to crack passwd files
Creator: m101


Below is an example passwd file:

jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash cellier:6VVFRl.ib8J4E:10012:100:Remi Cellier,Promo2001:/home/cellier:/bin/bash dischamp:bAndzoL65f2sY:10017:100:Sylvestre Dischamp, Promo2001:/home/dischamp:/bin/bash artus:z0A3df0OmqmFI:10027:100:Guillaume ARTUS,Promo2001:/home/artus:/bin/bash conti:ai05V8QKeoy5.:10031:100:Igor Conti,Promo2001:/home/conti:/bin/bash villard:/SMP6Kp/Ta7IE:10034:100:Eric villard, Promo2001:/home/villard:/bin/bash thong:ILZ5vYepxdrXI:10036:100:Daniel Thong, Promo2001:/home/thong:/bin/bash caronst:RCKjguAg2gcUA:520:100:Stephane Caron,externe:/home/caronst:/bin/bash humberte:RHLuzAqk4q6tg:524:100:Eric Humbert,externe:/home/humberte:/bin/bash lett:CCstsGLHidWfk:10038:100:Jean-Francois LETT, Promo2002,,:/home/lett:/bin/bash pouillon:3O6MbRS70BOD2:512:100:Yann Pouillon,externe:/home/pouillon:/bin/bash changey:rttCjavOaeC82:10039:100:Sebastien CHANGEY, Promo2002:/home/changey:/bin/bash


This is how it would appear with most exploits, with every entry run together on one line, so we now have to break the passwd file up into single-line entries as follows:

jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash
cellier:6VVFRl.ib8J4E:10012:100:Remi Cellier,Promo2001:/home/cellier:/bin/bash
dischamp:bAndzoL65f2sY:10017:100:Sylvestre Dischamp, Promo2001:/home/dischamp:/bin/bash
artus:z0A3df0OmqmFI:10027:100:Guillaume ARTUS,Promo2001:/home/artus:/bin/bash
conti:ai05V8QKeoy5.:10031:100:Igor Conti,Promo2001:/home/conti:/bin/bash
villard:/SMP6Kp/Ta7IE:10034:100:Eric villard, Promo2001:/home/villard:/bin/bash
thong:ILZ5vYepxdrXI:10036:100:Daniel Thong, Promo2001:/home/thong:/bin/bash
caronst:RCKjguAg2gcUA:520:100:Stephane Caron,externe:/home/caronst:/bin/bash
humberte:RHLuzAqk4q6tg:524:100:Eric Humbert,externe:/home/humberte:/bin/bash
lett:CCstsGLHidWfk:10038:100:Jean-Francois LETT, Promo2002,,:/home/lett:/bin/bash
pouillon:3O6MbRS70BOD2:512:100:Yann Pouillon,externe:/home/pouillon:/bin/bash
changey:rttCjavOaeC82:10039:100:Sebastien CHANGEY, Promo2002:/home/changey:/bin/bash


Now let us examine an entry:

jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash

Username: jeunehom
Password Hash: uRavlb2TZc7fA
Permissions (user ID and group ID): 10009:100
Name: Fanny JEUNEHOMME,Promo2001
Home Directory: /home/jeunehom
Logon Shell: /bin/bash
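
The splitting and field breakdown described above, as an added example that is not part of the original tutorial: a Python script that recovers one entry per line from a flattened passwd file and, for an administrator auditing their own system, reports which accounts still keep a hash in the second field instead of a shadow-file placeholder. The sample entries, their hashes and the function names are constructed for this example.

```python
import re

# Constructed sample: four entries in the passwd layout shown above, run
# together on one line. Names and hash values are made up for the example.
FLATTENED = (
    "alice:ab01234567890:1001:100:Alice Example, Staff:/home/alice:/bin/bash "
    "bob:x:1002:100:Bob Example:/home/bob:/bin/sh "
    "carol::1003:100:Carol Example,,:/home/carol:/bin/bash "
    "dave:$6$examplesalt$notarealhash:1004:100:Dave Example:/home/dave:/bin/bash"
)

# Seven colon-separated fields. Only the name (GECOS) field may contain
# spaces, so an entry ends at the first whitespace after the shell field.
ENTRY = re.compile(
    r"(?P<user>[^:\s]+):(?P<hash>[^:\s]*):(?P<uid>\d+):(?P<gid>\d+):"
    r"(?P<gecos>[^:]*):(?P<home>[^:\s]*):(?P<shell>[^:\s]*)"
)
# Traditional DES crypt: 13 characters, the first two being the salt.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

def split_entries(text):
    """Return one dict per passwd entry, even if the line breaks were lost."""
    return [m.groupdict() for m in ENTRY.finditer(text)]

def classify(hash_field):
    """Describe what the second field of an entry holds."""
    if hash_field == "":
        return "EMPTY: account has no password"
    if hash_field == "x":
        return "ok: hash is kept in the shadow file"
    if hash_field[0] in "*!":
        return "ok: locked, no usable hash"
    if DES_CRYPT.fullmatch(hash_field):
        return "EXPOSED: traditional DES crypt, salt=" + hash_field[:2]
    if hash_field.startswith("$"):
        return "EXPOSED: modular crypt hash in passwd"
    return "UNKNOWN: unrecognised format"

def audit(text):
    """Return (username, verdict) pairs for every entry found in text."""
    return [(e["user"], classify(e["hash"])) for e in split_entries(text)]

if __name__ == "__main__":
    for entry in split_entries(FLATTENED):
        print(":".join(entry.values()))      # one entry per line again
    for user, verdict in audit(FLATTENED):
        print(f"{user:10} {verdict}")
```

Any account reported as EXPOSED has its hash readable by every local user, which is the condition the cracking run below depends on.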

So to crack this, open a text editor, place the entire entry into it and name the file passwd.txt. Then go into DOS and execute john with a command line similar to the following:

D:\Apps\JOHN-16\RUN>john passwd.txt
Loaded 1 password (Standard DES [48/64 4K])

John the Ripper is now brute forcing passwd.txt. To check its progress you can press space and it will come up with something like the following:

guesses: 0 time: 0:00:00:03 (3) c/s: 37110 trying: shance1 - meter

When John the Ripper returns you to the command prompt, the passwd has been cracked. To view it, do the following:

D:\Apps\JOHN-16\RUN>john -show passwd.txt
albert:jupiter:666:666:Section 3:/home/section3:/bin/csh

This shows us that the user 'albert' with a password of 'jupiter' has been found.

Now try this for yourself....

Download Example passwd file

Download John the Ripper