Crack a Fedora 25 password with john the ripper easily. This is fun.

Posted: December 26, 2016. At: 4:10 PM. This was 11 months ago. Post ID: 10118
Page permalink: http://securitronlinux.com/bejiitaswrath/crack-a-fedora-25-password-with-john-the-ripper-easily-this-is-fun/

To crack a Fedora Core password hash easily, the john the ripper utility will come in handy. This allows cracking of Linux passwords without much fuss as long as the password is in the wordlist.

Install the utility.

[[email protected] Documents]# dnf install john

Then it is necessary to make a copy of the /etc/shadow file in a directory like ~/Documents, this will make it easily accessible. Just make sure your user has permissions to read it.

[email protected] Documents]# cp /etc/shadow /home/jason/Documents/passwords

[email protected] Documents]# chown jason passwords 

[[email protected] Documents]# chgrp jason passwords

Now the password cracking can begin.

[[email protected] Documents]$ john passwords -wordlist=rockyou.txt
Loaded 2 password hashes with 2 different salts (crypt, generic crypt(3) [?/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
mypasswordissecure        (jason)
1g 0:00:00:11 0% 0.08857g/s 323.1p/s 331.6c/s 331.6C/s 7895123..bloody
Use the "--show" option to display all of the cracked passwords reliably
Session aborted
[[email protected] Documents]$ mc

[[email protected] Documents]$ john passwords -wordlist=rockyou.txt
Loaded 2 password hashes with 2 different salts (crypt, generic crypt(3) [?/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
302c64&*(        (jason)

The password was cracked, this password is not very secure after all. This is a very easy way to get Linux passwords, instead of using oclhashcat. Although that is good too. Cracking a Debian password with oclHashcat is doable and fun too. http://securitronlinux.com/bejiitaswrath/how-to-crack-a-sha512-linux-password-hash-with-oclhashcat-on-linux/. This is easy as well, but requires more setup and preparation.

No comments have been made. Use this form to start the conversation :)

Leave a Reply