
Thread: Passwords, John The Ripper, etc.

  1. #11
    How to use John the Ripper
    Learn to use this tool to crack passwd files

    Below is an example passwd file:

    jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash cellier:6VVFRl.ib8J4E:10012:100:Remi Cellier,Promo2001:/home/cellier:/bin/bash dischamp:bAndzoL65f2sY:10017:100:Sylvestre Dischamp, Promo2001:/home/dischamp:/bin/bash artus:z0A3df0OmqmFI:10027:100:Guillaume ARTUS,Promo2001:/home/artus:/bin/bash conti:ai05V8QKeoy5.:10031:100:Igor Conti,Promo2001:/home/conti:/bin/bash villard:/SMP6Kp/Ta7IE:10034:100:Eric villard, Promo2001:/home/villard:/bin/bash thong:ILZ5vYepxdrXI:10036:100:Daniel Thong, Promo2001:/home/thong:/bin/bash caronst:RCKjguAg2gcUA:520:100:Stephane Caron,externe:/home/caronst:/bin/bash humberte:RHLuzAqk4q6tg:524:100:Eric Humbert,externe:/home/humberte:/bin/bash lett:CCstsGLHidWfk:10038:100:Jean-Francois LETT, Promo2002,,:/home/lett:/bin/bash pouillon:3O6MbRS70BOD2:512:100:Yann Pouillon,externe:/home/pouillon:/bin/bash changey:rttCjavOaeC82:10039:100:Sebastien CHANGEY, Promo2002:/home/changey:/bin/bash


    This is what it would appear like with most exploits, so now you have to break the passwd file up into single line entries as follows:

    jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash
    cellier:6VVFRl.ib8J4E:10012:100:Remi Cellier,Promo2001:/home/cellier:/bin/bash
    dischamp:bAndzoL65f2sY:10017:100:Sylvestre Dischamp, Promo2001:/home/dischamp:/bin/bash
    artus:z0A3df0OmqmFI:10027:100:Guillaume ARTUS,Promo2001:/home/artus:/bin/bash
    conti:ai05V8QKeoy5.:10031:100:Igor Conti,Promo2001:/home/conti:/bin/bash
    villard:/SMP6Kp/Ta7IE:10034:100:Eric villard, Promo2001:/home/villard:/bin/bash
    thong:ILZ5vYepxdrXI:10036:100:Daniel Thong, Promo2001:/home/thong:/bin/bash
    caronst:RCKjguAg2gcUA:520:100:Stephane Caron,externe:/home/caronst:/bin/bash
    humberte:RHLuzAqk4q6tg:524:100:Eric Humbert,externe:/home/humberte:/bin/bash
    lett:CCstsGLHidWfk:10038:100:Jean-Francois LETT, Promo2002,,:/home/lett:/bin/bash
    pouillon:3O6MbRS70BOD2:512:100:Yann Pouillon,externe:/home/pouillon:/bin/bash
    changey:rttCjavOaeC82:10039:100:Sebastien CHANGEY, Promo2002:/home/changey:/bin/bash


    Now examine an entry:

    jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash

    Username: jeunehom
    Password Hash: uRavlb2TZc7fA
    Permissions: 10009:100
    Name: Fanny JEUNEHOMME,Promo2001
    Home Directory: /home/jeunehom
    Logon Shell: /bin/bash

    So to crack this, take a text editor and place the entire entry into it, name the file passwd.txt, then go into DOS and execute john with a similar command line to the following:

    D:\Apps\JOHN-16\RUN>john passwd.txt
    Loaded 1 password (Standard DES [48/64 4K])

    John the Ripper is now brute forcing passwd.txt. To check its progress you can press space and it will come up with something like the following:

    guesses: 0 time: 0:00:00:03 (3) c/s: 37110 trying: shance1 - meter

    When John the Ripper returns you to the command prompt, the passwd has been cracked. To view it, do the following:

    D:\Apps\JOHN-16\RUN>john -show passwd.txt
    albert:jupiter:666:666:Section 3:/home/section3:/bin/csh

    This shows us that the user 'albert' with a password of 'jupiter' has been found.

    Now try this on yourself....

    Make your own wordlist fairly simple. Hope this helps!
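
    An added example, not part of the original post: a defender-side check that parses passwd-format entries like the ones shown above and reports accounts whose password field still carries a hash (or is empty) instead of being shadowed. It uses the passwd(5) field names (name, password, UID, GID, GECOS, home, shell); the sample data is constructed and the function names are hypothetical.

```python
import re

# Constructed sample in passwd(5) format (not taken from the thread).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:ab0123456789.:1001:100:Alice Example,Lab:/home/alice:/bin/bash
bob:$6$constructed$notarealhashvalue:1002:100:Bob Example:/home/bob:/bin/sh
carol::1003:100:Carol Example:/home/carol:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
broken:line:without:enough:fields
"""

FIELDS = ("name", "password", "uid", "gid", "gecos", "home", "shell")
# Traditional DES crypt(3): 2 salt chars + 11 hash chars from [./0-9A-Za-z].
DES_CRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")


def classify_password_field(value):
    """Classify the second passwd field without attempting to verify it."""
    if value == "":
        return "empty"            # no password required at all
    if value == "x":
        return "shadowed"         # hash lives in the shadow file
    if value.startswith(("*", "!")):
        return "locked"           # no valid hash can match
    if DES_CRYPT.match(value):
        return "des-crypt"        # legacy hash exposed in a world-readable file
    if value.startswith("$"):
        return "modular-crypt"    # newer scheme, but still exposed here
    return "unknown"


def audit_passwd(text):
    """Return (line_number, account, finding) for every entry needing attention."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != len(FIELDS):
            findings.append((lineno, None, "malformed"))
            continue
        entry = dict(zip(FIELDS, parts))
        kind = classify_password_field(entry["password"])
        if kind not in ("shadowed", "locked"):
            findings.append((lineno, entry["name"], kind))
    return findings


if __name__ == "__main__":
    for finding in audit_passwd(SAMPLE_PASSWD):
        print(finding)
```

    Any `des-crypt`, `modular-crypt` or `empty` finding means the account's credential is readable by every local user and should be moved to a shadow file or reset.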

  2. #12
    Humm, where did you get that from blut23? If you wrote it yourself, I am quite surprised, because both the current password being checked and the password that was cracked are not in the original password file.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman

  3. #13
    Naw, he's gettin' the output from one of the cyberarmy challenges, and the rest of it looks bongo.

  4. #14
    There is a mode in JTR that is -i. I forgot what the whole word is, seeing as I haven't used JTR in a long while, but it basically does it without a dictionary file. It's more efficient, takes longer but works better.

  5. #15
    Hence i need a tool which will e.g. import two different wordlists and kill all the duplicates and spit out a new file.
    Can't you use the unix diff command for this? Just find the differences and pipe the output to a file. If diff doesn't actually have a switch that only prints the differences between two files, you can use grep to only print the lines that start with < or > to the file depending on what you want.

    By the way, it isn't password cracking, it is password "auditing." There is a BIG difference.
    Essentially, they are two names for the same thing. As long as you have permission to do it, it doesn't matter what you call it. In other words, when I'm doing a password "audit", I really mean that I'm trying to crack my own password file. "Audit" is just a nice way of saying it so that I don't scare the kids.

    lol wait.. isn't John The Ripper a really OLLLLDDD password cracker??
    Hehe, yeah it's old but it's still the best password cracker (oops I mean password auditor) around.
    OpenBSD - The proactively secure operating system.

  6. #16
    I have an interesting problem for u!
    Our systems administrator has blocked access to DOS, sys files, config files and everything useful. I need access to some of these files and up to now password crackers have all required to use DOS to run the dictionary files. Is there any way around this? What programs can u suggest? And how do they work?
    Chewitt
