John the ripper

'John' is a known password cracking tool widely used by all penetration tester. It's easy to use and can be found on almost every linux distribution.

'John' supports a lot of parameters that will help you crack a password  faster, just run $john  

Below is a quick setup guide to install it on  Fedora Linux with two easy steps :

  1. Become 'root'  using the command $ su - root
  2. As the 'root' user run the command # dnf install john  

 

> Now, you are ready to crack !

The lines below are from a shadow file (/etc/shadow) of a Linux system:

alice:$6$.s6xaWmE$bJiOsP5cW72kG1JcpR9ALCNkE4gTbzVj59BrGTNRwv9PdUo0M9BYb/RgyCU/DRE8O3y3Mg/9vLnOxlH4m0jlM.:17470:0:99999:7:::
bob:$6$aACNZdTj$GYrSPRP.ieCiUfmFFRwKwEByU2rdSdfP4gCij1asUgT.dpmmu3NIDLAAde5cfvNtacI9JUGQUgrBciUWAUWNY1:17470:0:99999:7:::

Each lines consists from 4 main parts : 

  1. The username -> 'alice'
  2. The algorithm used -> $6 (SHA-516)
  3. The salt used -> $.s6xaWmE$
  4. The encrypted password -> $bJiOsP5cW72kG1JcpR9ALCNkE4gTbzVj59BrGTNRwv9PdUo0M9BYb/RgyCU/DRE8O3y3Mg/9vLnOxlH4m0jlM.

> Let's crack the passwords !

As user run $ john /etc/shadow . In our example we use a shadow file that contains the above 2 hashes (alice & bob)

 

Tips:

  • ‚Äč 'John' supports also external password list (lists with known passwords). You can find plenty of them by running a quick google search .
  • A cryptographic salt is made up of random bits added to each password instance before its hashing. Salts create unique passwords even in the instance of two users choosing the same passwords.