Saturday, April 30, 2011

Cracking Unix Passwords with John the Ripper

1) First things first
================
I've read a few tutorials. This is a torn-down version of what I've collected. Tell me if you liked it. Sometimes, even if you are experienced in password cracking, you won't be able to crack the password, or even to recover your own. This is a purely technical manual and gives you only the recipe for cracking; every password needs a different approach...

OK, so a good way to get somewhere is to start getting somewhere...
What you're about to learn is to crack *nix (Unix/Linux/etc.) password files. It does not mean that you need a Unix distribution on your box, but it does mean you'll have to stop clicking all over the screen... 'What is this fool trying to say?', you'll probably ask... This fool is trying to say that john is a command-line program with no GUI: you run it from a console, on Windows as well as on Linux/Unix (most people reading this tutorial probably have Windows boxes). I will try to carry this tutorial through examples so it doesn't read like a boring script with an incredible number of switches. After reading this text it wouldn't be a bad idea to look at the documentation you get with John. I learnt it all from there, but that, of course, was the hard way, and you want the easy way, right? Right.

First, it wouldn't be a bad idea to get yourself John the Ripper, I guess... The official home of John the Ripper is www.openwall.com/john/; if you don't have it you can also find it at:

1) packetstorm.securify.com (look at archives, password cracking)
2) neworder.box.sk (do some searching by yourself)

John can be found practically anywhere. For example, try going to altavista.com or google.com and searching for 'john the ripper'.

The second thing you'll need is... a HUUUUGE amount of password dictionaries (I'll explain what these are in a minute). The best dictionary around is at www.theargon.com and packetstorm (look at the archives); it is called theargonlistserver1 and is about 20 MB packed and over 200 MB unpacked... get it!!!! The people at theargon did a terrific job.

You should also get some smaller dictionary files (I'll explain why later).

2) Do we look like *nix?
========================
So now you have john loaded with that huuuuge password dictionary, and you think you can crack anything... If you plan to live for 100000 years, that wouldn't be a problem, but you only have some 80 years left in the best-case scenario (unless, of course, scientists find a way to... oh, never mind).

Now, the first thing is that you have to make sure your password file really looks like a Unix password file (we're talking about the /etc/passwd file). One caveat for current systems: the second field of /etc/passwd is usually just an 'x', and the real hashes live in /etc/shadow, which only root can read. John ships with an unshadow tool that merges the two files back into the format shown below (`unshadow /etc/passwd /etc/shadow > mypasswd`).

Let's see what a Unix password file looks like:

owner:Ejrt3EJUnh5Ms:510:102: Some free text:/home/subdir/owner:/bin/bash

The important parts are the username and the hashed password, which are the first and the second fields (each line is divided into seven fields by ':' symbols):

owner:Ejrt3EJUnh5Ms

Owner is the username and 'that other thing' is the hashed password. The 13-character string is a traditional DES-based crypt(3) hash: the first two characters are the salt and the remaining eleven are the hash itself, and john recognizes the format from this string alone. The other fields can be anything that looks like that, but the structure must be the same so that john recognizes the line as a Unix password entry (john also reads the full-name and home-directory fields to generate guesses in its "single crack" mode, so keep them if you have them). In fact the other part

:510:102: Some free text:/home/subdir/owner:/bin/bash

is just some information about the user: the numeric user ID and group ID, a free-text comment (the GECOS field), the home directory and the login shell.

Sometimes you'll have password files that contain only the first and second fields (just username:hash), such as files you got from a web board running Matt's web board script. That is fine: the username and the hash are all john really needs.
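To make the format concrete, here is an added example (it is not part of the original tutorial and not John the Ripper's own code) that does the checks described above: it splits a passwd-style line into its seven fields, accepts the two-field user:hash form, classifies the second field (traditional 13-character DES crypt, the '$'-prefixed modern formats, or an 'x'/'*' placeholder that john cannot crack), and merges a shadow file the way john's unshadow tool does. The sample lines are constructed; the first one is the tutorial's own example.

```python
"""Added example, not part of the original tutorial or of John the Ripper:
parse /etc/passwd-style lines, pick out the user:hash pair john needs,
classify the hash, and merge a shadow file the way john's unshadow does."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Traditional crypt(3): 2-character salt followed by 11 characters of hash.
DES_CRYPT_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

# Constructed sample files (not from any real system).
PASSWD_TEXT = """\
owner:Ejrt3EJUnh5Ms:510:102: Some free text:/home/subdir/owner:/bin/bash
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
webuser:Ab1cD2eF3gH4i
# comment line, skipped
"""
SHADOW_TEXT = """\
alice:$6$saltsalt$hashhash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
"""


@dataclass
class Entry:
    user: str
    hash: str
    uid: Optional[int] = None
    gid: Optional[int] = None
    gecos: str = ""
    home: str = ""
    shell: str = ""


def parse_line(line: str) -> Optional[Entry]:
    """Accept a 7-field passwd line or a 2-field user:hash line; skip anything else."""
    line = line.rstrip("\n")
    if not line or line.startswith("#"):
        return None
    parts = line.split(":")
    if len(parts) == 7:
        user, h, uid, gid, gecos, home, shell = parts
        return Entry(user, h, int(uid), int(gid), gecos.strip(), home, shell)
    if len(parts) == 2:
        return Entry(parts[0], parts[1])
    return None  # not something john will recognise as a passwd entry


def hash_kind(h: str) -> str:
    """Name the hash type in the second field, or say why it is not crackable."""
    if h == "x":
        return "shadowed"  # real hash is in /etc/shadow; run unshadow first
    if h in ("", "*", "!", "!!"):
        return "locked"    # no password set or account disabled
    if h.startswith("!"):
        h = h.lstrip("!")  # locked account, but the hash after '!' is still a hash
    prefixes = {"$1$": "md5crypt", "$2a$": "bcrypt", "$2b$": "bcrypt",
                "$2y$": "bcrypt", "$5$": "sha256crypt", "$6$": "sha512crypt"}
    for prefix, name in prefixes.items():
        if h.startswith(prefix):
            return name
    if DES_CRYPT_RE.match(h):
        return "des-crypt"  # the traditional format the tutorial shows
    return "unknown"


def unshadow(passwd_text: str, shadow_text: str) -> str:
    """Replace the 'x' placeholder in passwd with the hash from shadow."""
    shadow: Dict[str, str] = {}
    for line in shadow_text.splitlines():
        parts = line.split(":")
        if len(parts) >= 2:
            shadow[parts[0]] = parts[1]
    merged = []
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if len(parts) == 7 and parts[1] == "x" and parts[0] in shadow:
            parts[1] = shadow[parts[0]]
        merged.append(":".join(parts))
    return "\n".join(merged) + "\n"


def crackable_entries(text: str) -> List[Entry]:
    """Entries worth feeding to john: a real, recognised hash in field two."""
    out = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry and hash_kind(entry.hash) not in ("shadowed", "locked", "unknown"):
            out.append(entry)
    return out


if __name__ == "__main__":
    for entry in crackable_entries(unshadow(PASSWD_TEXT, SHADOW_TEXT)):
        print(f"{entry.user}: {hash_kind(entry.hash)}")
```

Once the file is in this shape, the wordlist run the tutorial is building up to is `john --wordlist=dictionary.txt mypasswd`, and `john --show mypasswd` prints whatever has been cracked so far.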
