NML Says

Ethical Password Cracking

This is not part of teaching crime. Cracking passwords is illegal unless you have specific permission from the target of the activity.

The only legitimate reason to try this is to gauge the level of protection in the system that is the target of this endeavour.

We shall look at three programs capable of cracking passwords. They are all part of a standard installation of the Linux distribution Kali Linux. The programs are

References for this Part

John the Ripper

Documentation and Installation

The official website with download and installation information is at (https://www.openwall.com/john/).

A good tutorial may be found at (https://www.varonis.com/blog/john-the-ripper).

Hands On

In this concrete case we have made john attempt to crack the passwords of a Linux system. This requires an initial step to gather the password info into one file. The program for that is part of the JtR package:

$ unshadow /etc/passwd /etc/shadow > tocrack.txt

Then, when the hashed passwords are available in tocrack.txt, we do step 1 of the process:

$ john --wordlist=$WORDLISTS --rules --users=root,nml,tester11 tocrack.txt --format=crypt

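In both cases the $ prompt suggests that the processes may be run as a regular, unprivileged user. For the unshadow step this holds only if that user has read access to /etc/shadow, which is normally restricted to root. The output from step 1 will be something similar to: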

Using default input encoding: UTF-8
Loaded 2 password hashes with 2 different salts (crypt, generic crypt(3) [?/64])
Remaining 1 password hash
Cost 1 (algorithm [1:descrypt 2:md5crypt 3:sunmd5 4:bcrypt 5:sha256crypt 6:sha512crypt]) is 0 for all loaded hashes
Cost 2 (algorithm specific iterations) is 1 for all loaded hashes
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:36 DONE (2022-01-07 18:14) 0g/s 130.7p/s 130.7c/s 130.7C/s Passing..Starwarsing
Session completed.
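
Since the stated goal is to gauge the level of protection, a useful check before any cracking run is to see which crypt(3) scheme each account in the unshadow output uses (the "Cost 1" line above lists the schemes john distinguishes). The following is an added example, not part of the original page or of John the Ripper; the function names, the weak/ok judgement and the sample data are assumptions made for illustration.

```python
import re

# crypt(3) identifier -> (scheme name, flagged weak). The weak/ok judgement
# is this example's assumption, not a statement from the original page.
SCHEMES = {
    "1": ("md5crypt", True),
    "2a": ("bcrypt", False), "2b": ("bcrypt", False), "2y": ("bcrypt", False),
    "5": ("sha256crypt", False),
    "6": ("sha512crypt", False),
    "y": ("yescrypt", False),
}
DESCRYPT = re.compile(r"[./0-9A-Za-z]{13}")

def classify(field):
    """Return (scheme, weak) for the second field of an unshadow line."""
    if field == "":
        return ("empty", True)            # account has no password at all
    if field[0] in "!*":
        return ("locked", False)          # password login is disabled
    if field.startswith("$"):
        ident = field.split("$")[1].split(",")[0]
        return SCHEMES.get(ident, ("unknown", True))
    if DESCRYPT.fullmatch(field):
        return ("descrypt", True)         # traditional DES-based crypt
    return ("unknown", True)

def audit(text):
    """Return a list of (user, scheme, weak), one per account line."""
    rows = []
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) < 2:
            continue                      # skip blank or malformed lines
        rows.append((parts[0], *classify(parts[1])))
    return rows

# Constructed sample in unshadow format; salts and hash values are placeholders.
SAMPLE = """\
root:$y$j9T$constructedsalt$constructedhashvalue:0:0:root:/root:/bin/bash
nml:$6$rounds=656000$constructedsalt$constructedhashvalue:1000:1000::/home/nml:/bin/bash
tester11:$1$constructed$constructedhashvalue:1001:1001::/home/tester11:/bin/bash
legacy:abCONSTRUCTED:1002:1002::/home/legacy:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
"""

if __name__ == "__main__":
    for user, scheme, weak in audit(SAMPLE):
        print(f"{user:10} {scheme:12} {'WEAK' if weak else 'ok'}")
```

To run it against real data, replace SAMPLE with the contents of tocrack.txt; accounts flagged WEAK should be moved to a stronger scheme regardless of whether john recovers their passwords.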

Hydra

Hydra is …

$ test

Hands On

bla bla

Hashcat

Hashcat is …

Hands On

bla bla