How to crack weak passwords using “john-the-ripper”

STEP #1 – Install “John-the-ripper” from the link given below and install using rpm

http://dag.wieers.com/rpm/packages/john/

STEP #2 – Use “unshadow” command to combine /etc/passwd and /etc/shadow files, so that john-the-ripper can use it.

/usr/bin/unshadow /etc/passwd /etc/shadow > /tmp/myfile.db

this command combines /etc/passwd and /etc/shadow file to be used.

STEP #3 – Use “john-the-ripper” to see the cracked passwords.

john   -show   /tmp/myfile.db

u1:abc123:505:505::/home/u1:/bin/bash
u2:didi123:506:506::/home/u2:/bin/bash

…shows user u1 has a password of abc123 and u2 has a password of didi123

God Bless.

Alok Srivastava


Advertisements