CRACKING PASSWORD (JTR)

Posted by Unknown on 08:35 with No comments

CRACKING PASSWORD (JTR)

 

John the Ripper password cracker

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. JTR is a tool that is used to crack password hash.Currently it can crack more then 40 password types, DES, MD5, LM, NT, crypt ,NETLM and NETNLM.John the Ripper is a free password cracking software tool. Initially developed for the UNIX operating system, it currently runs on fifteen different platforms (eleven architecture-specific flavors of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of the most popular password testing and breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others.

To start JTR:-

1  root@root:# cd /pentest/passwords/john

2  #./john      

/////this command will display the usage instruction on the screen and even the list of password cracking modes used by john/////

3  root@root: /pentest/passwords/john # ./unshadow  /etc/passwd   /etc/shadow > pass

///// this command will unshadow your hashdump and u can see all the avilable passwords for various users stored in /etc/passwd directory//////

4 root@root: /pentest/passwords/john # ./unshadow  /etc/passwd   /etc/shadow

 following is the snapshot of password file i will crack of root user.


 5 root@root: /pentest/passwords/john # ./john pass       

 ////we use this command to crack the pass////

 

                 

 ///passwords cracked are stored in the john.pot file.To see these passwords you can use the 6th command///

6 root@root: /pentest/passwords/john # ./john --show pass      

////this command will show u the cracked password////

   
                               




NOTE:- THIS WILL WORK ON UNIX ONLY FOR WINDOWS YOU NEED TO FIRST DOWNLOAD THE HASHDUMP FILE FROM WINDOWS AND CRACK USING SAMDUMP AND JOHN.I WILL SHOW U THAT SOON TILL THEN ENJOY WITH UNIX PASS CRACK :)


EDUCATION PURPOSE ONLY.

 

Categories: