To crack a Fedora Core password hash easily, the john the ripper utility will come in handy. This allows cracking of Linux passwords without much fuss as long as the password is in the wordlist.
Install the utility.
[root@darkstar Documents]# dnf install john |
Then it is necessary to make a copy of the /etc/shadow file in a directory like ~/Documents, this will make it easily accessible. Just make sure your user has permissions to read it.
root@darkstar Documents]# cp /etc/shadow /home/jason/Documents/passwords root@darkstar Documents]# chown jason passwords [root@darkstar Documents]# chgrp jason passwords |
Now the password cracking can begin.
[jason@darkstar Documents]$ john passwords -wordlist=rockyou.txt Loaded 2 password hashes with 2 different salts (crypt, generic crypt(3) [?/64]) Press 'q' or Ctrl-C to abort, almost any other key for status mypasswordissecure (jason) 1g 0:00:00:11 0% 0.08857g/s 323.1p/s 331.6c/s 331.6C/s 7895123..bloody Use the "--show" option to display all of the cracked passwords reliably Session aborted [jason@darkstar Documents]$ mc [jason@darkstar Documents]$ john passwords -wordlist=rockyou.txt Loaded 2 password hashes with 2 different salts (crypt, generic crypt(3) [?/64]) Press 'q' or Ctrl-C to abort, almost any other key for status 302c64&*( (jason) |
The password was cracked, this password is not very secure after all. This is a very easy way to get Linux passwords, instead of using oclhashcat. Although that is good too. Cracking a Debian password with oclHashcat is doable and fun too. http://securitronlinux.com/bejiitaswrath/how-to-crack-a-sha512-linux-password-hash-with-oclhashcat-on-linux/. This is easy as well, but requires more setup and preparation.