John The Ripper
John the Ripper is a fast password
cracker, currently available for many flavours of Unix, DOS, Win32, BeOS, and
OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several
crypt(3) password hash types most commonly found on various Unix flavours,
supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes,
plus several more with contributed patches.
John the Ripper has also gone commercial: you can purchase a PRO option
with support, with prices from $40 and above. This version gives you:
- Pre-built and tested native package (RPM) - no need to compile
- Automatic detection of processor architecture extensions such as
SSE2 and MMX for much faster processing, with transparent fallback on
older CPUs
- A large multilingual wordlist optimized specifically for use with
John the Ripper (4,106,923 entries, 43 MB uncompressed), John the
Ripper is pre-configured for its use
- Documentation has been revised and is specific to the OS.
- Full source code sufficient to rebuild the package is also
provided.
It is available from: http://www.openwall.com/john/
Installation:
    $ tar xzf john-1.7.0.tar.gz
    $ cd john-1.7.0
    $ cd src
    $ make linux-x86-any-elf
Execution: Copy the /etc/passwd and /etc/shadow files to the
/john-1.6.40/run directory, then combine them:
    ./unshadow passwd shadow > file_to_crack
Try the single cracking mode first:
    ./john -single file_to_crack
This may break out a few passwords in the first instance. If not, it may be
worth using a dictionary-based attack against the combined file
(file_to_crack):
    ./john -w=location_of_dictionary_file -rules file_to_crack
A good dictionary file is available here.
If you need to temporarily stop a session, you can restart it later with the
command:
    ./john -restore
The results from your password cracking session are stored in a file called
john.pot. This file, however, is not nice to read, and it is best to let john
do the work for you and present you with an easily readable final format:
    ./john -show file_to_crack
Obviously, if you want a total brute force option, the way to go is:
    ./john --incremental:All file_to_crack
Reviewing the documentation in the doc directory under the root of john will
show you all the modes you can actually use.
There are so many options for this tool; that's why I like it so much.
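An added example, not part of the original page or of John the Ripper: a simplified Python version of the merge that the unshadow step performs, followed by a check of which crypt(3) scheme each account in the combined file uses, so that legacy or empty entries can be picked out for review. The sample passwd and shadow entries are constructed, the hash strings are fake, and the function names and the REVIEW set are assumptions made for this illustration.

```python
# Constructed sample data; every hash string below is fake.
import re
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/sh
carol:x:1002:1002:Carol:/home/carol:/bin/bash
guest:x:1003:1003:Guest:/home/guest:/bin/sh
"""
SAMPLE_SHADOW = """\
root:$6$FAKESALT$FAKEHASHFAKEHASHFAKEHASH:19000:0:99999:7:::
alice:$1$FAKESALT$FAKEHASHFAKEHASHFAKEHA:19000:0:99999:7:::
bob:XXFAKEFAKEFAK:19000:0:99999:7:::
carol:!$6$FAKESALT$FAKEHASHFAKEHASH:19000:0:99999:7:::
guest::19000:0:99999:7:::
"""

PREFIXES = {"$1$": "md5crypt", "$2a$": "bcrypt", "$2b$": "bcrypt", "$2y$": "bcrypt",
            "$5$": "sha256crypt", "$6$": "sha512crypt", "$y$": "yescrypt"}
REVIEW = {"descrypt", "md5crypt", "empty"}  # assumption: schemes this report flags

def unshadow(passwd_text, shadow_text):
    """Simplified merge: put each user's shadow field into the passwd line."""
    hashes = dict(l.split(":")[:2] for l in shadow_text.splitlines() if ":" in l)
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) == 7:  # skip malformed passwd entries
            fields[1] = hashes.get(fields[0], fields[1])
            merged.append(":".join(fields))
    return merged

def classify(field):
    """Name the crypt(3) scheme of one password field."""
    if field == "" or field[0] in "!*":  # no password set, or account locked
        return "locked" if field else "empty"
    for prefix, name in PREFIXES.items():
        if field.startswith(prefix):
            return name
    return "descrypt" if re.fullmatch(r"[./0-9A-Za-z]{13}", field) else "unknown"

def audit(combined):
    """Map user -> scheme and list the accounts that need review."""
    report = {l.split(":")[0]: classify(l.split(":")[1]) for l in combined}
    return report, sorted(u for u, s in report.items() if s in REVIEW)

if __name__ == "__main__":
    print(audit(unshadow(SAMPLE_PASSWD, SAMPLE_SHADOW)))
```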