Unit 2: Password Cracking 2.1 Password Cracking Attack Demos

>> Now, we'll use John the Ripper to crack passwords.
John, by itself, shows usage help.
There's also a man page for John.
John --test will give you some idea of how long it will take John to crack passwords based
on various cryptographic schemes.
I've added some user accounts with passwords.
By design, I gave the users very simple passwords.
Because the complexity of the password is inversely proportional
to the time needed to crack it.
This is for demonstration purposes only.
According to the documentation, without a file John will try single crack mode first.
In this mode, John tries to crack the password using the GECOS field
in the /etc/passwd file.
Which contains potential information in the following fields.
Full name, room number, work phone, home phone, and other.
If that doesn't work, John uses an incremental mode.
The most powerful mode of them all.
John will try any character combination to resolve the password.
Linux stores the password hashes in /etc/shadow.
The unshadow tool combines the /etc/passwd and /etc/shadow files so John can use them.
This comes in handy for single crack mode, which uses the GECOS information.
Now, we'll combine the /etc/passwd and /etc/shadow files into a file
in the current directory and call the file Rochester.text.
Let's take a look at the contents of this file.
We've got hashes.
Now, let's attack those hashes.
Before we see how John the Ripper works without a file, let's use a word list.
The one that comes with John the Ripper on Kali.
John the Ripper had no problem.
Here are the usernames, here are the passwords.
You can use the show option to John, to list all the cracked passwords.
Now, let's use John the Ripper without a word list.
We're going to create a new user, Bob.
Bob's password is Bob10314.
He chose that password because it's a combination of his name and his room number.
Now we'll make a new unshadow file.
And now we'll run John with this file.
The GECOS information was successful in single crack mode.

 

The rockyou.txt Wordlist

>> When the word file that comes with John the Ripper is unsuccessful in cracking a password,
it's time to use John the Ripper with Rockyou.txt.
A ginormous word list that contains over 14 million words.
First, we'll copy the compressed Rockyou.txt file to the current directory.
Next we'll decompress the file.
Compare the size of the John file.
To the size of Rockyou.txt.
Quite a difference.
Now let's compare the contents of the word lists.
First the John file.
Now Rockyou.txt.
[silence]
Wow. Let's break out with Ctrl+C. After generating more users
with very complex passwords and making the new unshadow file,
you can use this ginormous Rockyou.txt word list file with John.
[silence]

 

Rainbow Table Attacks with Ophcrack

>> Ophcrack, the free open source program
that can crack Windows passwords using rainbow tables reportedly has a 99% success rate
in cracking passwords on Windows 8.1, Windows 8, Windows Vista, and Windows XP.
Some internal changes to Windows 10 prohibit Ophcrack from dumping the hashes with ease.
There are clunky ways of doing it, but for now,
I'm on a Windows 7 VM through VirtualBox on my Mac.
I've already downloaded, unzipped, and installed a couple of free tables.
In fact, as you can see, I've already cracked the passwords selected
for demonstrative purposes with Ophcrack.
It took under 10 minutes.
Let me take you through the steps.
First, to get the hashes, I'm going to dump the local SAM with samdump2.
This is the problem with Ophcrack on Windows 10.
These are the user accounts.
These are the hashes.
All that's left to do is click crack.
Make yourself a cup of coffee and wait.
[silence]

 

Reposted from: https://www.cnblogs.com/sec875/articles/10015956.html
