Cracking passwords with John the Ripper

Easy tutorial to learn the basics of password cracking

If we are cracking the passwords of local accounts on a Unix/Linux system, the first step is to merge the “/etc/passwd” and “/etc/shadow” system files into one, since the hashes live in shadow and the account details live in passwd (reading /etc/shadow requires root):

unshadow passwd shadow > passwd.1

Then there are two possible techniques:

Technique #1: Dictionary Attack

This is useful when we have a long dictionary of common passwords and want to audit that no user has chosen one of them. A good dictionary shipped with Kali Linux is rockyou.txt, the list of 14,344,392 passwords leaked in the RockYou breach (as packaged in Kali 2021.1):

cp /usr/share/wordlists/rockyou.txt.gz .

gunzip rockyou.txt.gz

john -w:rockyou.txt passwd.1

Technique #2: Brute-force Attack

If the passwords are very short, john's incremental mode will find them quickly. It is a brute-force attack: it tries character combinations, ordered by frequency statistics rather than plain enumeration, and keeps running until the keyspace is exhausted or you stop it, so for realistic password lengths and slow hashes it will not finish:

john -i passwd.1
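The script below is an added example, not code from the original post. It reproduces the whole workflow on a constructed passwd/shadow pair: it builds sha512crypt hashes for two test users, merges the files the way unshadow does (with awk, so the merge is visible), runs john's wordlist mode and then its incremental mode, and reads the results back with john --show. Everything in it is an assumption for the demonstration: the user names and passwords, the five-word stand-in for rockyou.txt, the use of openssl or python3 to produce the hashes, and the choice to restrict incremental mode to digits and cap it with timeout so the run terminates. It assumes john is installed; if it is not, only the merge step runs.

```shell
#!/bin/sh
# Added example (not from the original post): the post's workflow end to end on a
# constructed passwd/shadow pair, so you can see what unshadow produces and how
# john's wordlist and incremental modes are invoked.  Assumptions: john is on PATH
# (if not, the cracking steps are skipped and only the merge runs), and either
# `openssl passwd -6` or Python's crypt module is available to make a sha512crypt hash.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# sha512crypt ($6$) hash of a password, the format most current Linux shadow files use.
# Prints nothing if neither openssl nor python3's crypt module can produce one.
make_hash() {
    if openssl passwd -6 "$1" 2>/dev/null; then return 0; fi
    python3 -c 'import crypt, sys; print(crypt.crypt(sys.argv[1], crypt.mksalt(crypt.METHOD_SHA512)))' "$1" 2>/dev/null || true
}

# Constructed sample accounts: root is locked ("*"), alice uses a dictionary word,
# bob uses a four-digit PIN.  The "x" in passwd means "the hash lives in shadow".
ALICE_HASH=$(make_hash 'sunshine')
BOB_HASH=$(make_hash '1987')
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'alice:x:1000:1000:Alice:/home/alice:/bin/bash' \
    'bob:x:1001:1001:Bob:/home/bob:/bin/sh' > "$WORK/passwd"
printf '%s\n' 'root:*:19000:0:99999:7:::' \
    "alice:$ALICE_HASH:19000:0:99999:7:::" \
    "bob:$BOB_HASH:19000:0:99999:7:::" > "$WORK/shadow"

# A small constructed wordlist standing in for rockyou.txt.
printf '%s\n' 123456 password qwerty sunshine letmein > "$WORK/words.txt"

# What unshadow(8) does: for each passwd line, replace the password field with the
# hash from the matching shadow line, joined on the user name.  $1=passwd, $2=shadow.
unshadow_merge() {
    awk -F: 'NR == FNR { hash[$1] = $2; next } { if ($1 in hash) $2 = hash[$1]; print }' \
        OFS=: "$2" "$1"
}

# Password field of a user in the merged file (used to check the merge).
merged_hash() {
    awk -F: -v u="$1" '$1 == u { print $2; exit }' "$WORK/passwd.1"
}

# Technique #1: wordlist mode.  --pot keeps results in a private pot file instead of
# ~/.john/john.pot; --session keeps the .rec/.log files out of the home directory too.
crack_with_wordlist() {
    john --wordlist="$WORK/words.txt" --pot="$WORK/john.pot" --session="$WORK/wl" \
        "$WORK/passwd.1" >/dev/null 2>&1 || true
}

# Technique #2: incremental mode, restricted to the Digits charset from john.conf so a
# four-digit PIN falls quickly.  Hashes already in the pot file are skipped.  The run is
# capped with timeout(1) because incremental mode otherwise continues until the whole
# keyspace is exhausted.
crack_with_incremental() {
    timeout 30 john --incremental=Digits --pot="$WORK/john.pot" --session="$WORK/inc" \
        "$WORK/passwd.1" >/dev/null 2>&1 || true
}

# What john recovered for a user, read back with --show (empty if not cracked).
cracked_password() {
    john --show --pot="$WORK/john.pot" "$WORK/passwd.1" 2>/dev/null |
        awk -F: -v u="$1" '$1 == u { print $2; exit }'
}

unshadow_merge "$WORK/passwd" "$WORK/shadow" > "$WORK/passwd.1"
echo "merged file (what unshadow produces):"
cat "$WORK/passwd.1"

CAN_CRACK=0
if command -v john >/dev/null 2>&1 && [ -n "$ALICE_HASH" ]; then
    CAN_CRACK=1
    crack_with_wordlist
    echo "after wordlist: alice=$(cracked_password alice) bob=$(cracked_password bob)"
    if command -v timeout >/dev/null 2>&1; then
        crack_with_incremental
        echo "after incremental: bob=$(cracked_password bob)"
    fi
else
    echo "john not installed or no hash generator available; skipping the cracking steps"
fi
```

Run it as sh crack_demo.sh. On a real system you would unshadow the actual /etc/passwd and /etc/shadow as root and point --wordlist at rockyou.txt; john --show passwd.1 is also how you list what was cracked after the commands in the post, because john prints each password only once as it finds it and then keeps it in its pot file.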
