Posted: 26 December 2016. At: 4:10 PM. This was 8 years ago. Post ID: 10118
Page permalink. WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters.
These cookies expire two weeks after they are set.

Crack a Fedora 25 password with john the ripper easily. This is fun.

To crack a Fedora Core password hash easily, the john the ripper utility will come in handy. This allows cracking of Linux passwords without much fuss as long as the password is in the wordlist.

Install the utility.

[root@darkstar Documents]# dnf install john

Then it is necessary to make a copy of the /etc/shadow file in a directory like ~/Documents, this will make it easily accessible. Just make sure your user has permissions to read it.

root@darkstar Documents]# cp /etc/shadow /home/jason/Documents/passwords
root@darkstar Documents]# chown jason passwords 
[root@darkstar Documents]# chgrp jason passwords

Now the password cracking can begin.

[jason@darkstar Documents]$ john passwords -wordlist=rockyou.txt
Loaded 2 password hashes with 2 different salts (crypt, generic crypt(3) [?/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
mypasswordissecure        (jason)
1g 0:00:00:11 0% 0.08857g/s 323.1p/s 331.6c/s 331.6C/s 7895123..bloody
Use the "--show" option to display all of the cracked passwords reliably
Session aborted
[jason@darkstar Documents]$ mc
[jason@darkstar Documents]$ john passwords -wordlist=rockyou.txt
Loaded 2 password hashes with 2 different salts (crypt, generic crypt(3) [?/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
302c64&*(        (jason)

The password was cracked, this password is not very secure after all. This is a very easy way to get Linux passwords, instead of using oclhashcat. Although that is good too. Cracking a Debian password with oclHashcat is doable and fun too. This is easy as well, but requires more setup and preparation.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.