Monday, January 30, 2012

Privilege Escalation (Part 2) : Cracking Password Encryption Using John The Ripper

Okay, on the previous post we've already get to see the content on /etc/shadow file. Now, lets try to dechiper the password encryption using John the Ripper.

1. Go to the john folder.
# cd pentest/passwords/john

2. Lets copy content of the shadow file to the gedit and then save with the same directory as john for easier access, or if you want to tidy it up, make a new folder to save a temporary file that will be cracked by john. Delete all text other than the username and the encrypten password.

3. Lets crack it. Basically when you're not specify the attacking method, John wil use "Single Crack Mode" then "Wordlist Mode" and the last is "Incremental Mode".

# john tmp/satu

And thats it, just wait until the password cracked by John.

0 comments:

Post a Comment