.

Cracking Passwords with John

<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Mon Aug 06, 2012 2:26 pm

Cracking Passwords with John

We have all cracked some passwords with John before, but I just want to go over a methology I use to crack passwords. I am going to use the password dump for this demo just to show how it works.

The first thing you may want to do is make sure you are running John the jumbo pack. Once this has been installed you may want to install the linkedin plugin which can be found here. john patches

Applying the patch is pretty straight forward just patch -p1 < ../location of patch. Once this has been done you will need to do a clean build of John.

The first thing I like to do when getting a password dump or some hashes is to try and think who the user is, what Country they are in and where are they based in that Country. Then I think about sports teams in that area, famous dates and people in that area and also any special words they may say or spell in a different way; this all goes into a wordlist.

I tend to start just by running the wordlist to see how many hits I can get, once I have got all the hits from them I then run an English dictionary wordlist as well as any other Country wordlist then I will run the rockyou.txt password list. This is a really good list which can be download from here: skullsecurity

This should really start getting you a lot of hits but it may take a bit of time to finish.

The next thing to try is using rules with John the Ripper, this allows you to supply a wordlist and add to that wordlist. For example you may have a year rule that will go through the wordlist; adding a year to the end. The best rules are on the kore logic website Korelogic again these are pretty straight forward. To apply just download them
cat rules.txt >> john.conf This will appened the rules to the john.conf file.

On the website it also gives you a list of the rules and what they do so you have:

KoreLogicRulesAppendNumbers_and_Specials_Simple:
KoreLogicRulesPrependYears:
KoreLogicRulesAppend4Num:
KoreLogicRulesAppendJustNumbers:

So on……

In order to use the rule you just supply the rules options as the example below shows:

./john -w:Lastnames.dic –format:nt –rules:KoreLogicRulesAdd2010Everywhere pwdump.txt

Again this will take some time but should present you even more results.

If that fails to get all the passwords I then try another trick you need to download a file from korelogic website Korelogic Just scroll down to where it says John the Ripper and download the rockyou.chr this file was based on statistics from a large database dump recently so it is more up to date on how passwords are selected and user behaviour. As it stands John uses the all.chr but this is a pretty old file and based on passwords and user behaviour from around 2009.

With the rockyou.chr you don’t need to supply a wordlist so it’s just a case of

./john -i:rockyou.chr pwdump.txt
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

tmcalain

Newbie
Newbie

Posts: 2

Joined: Mon Aug 06, 2012 3:26 pm

Post Mon Aug 06, 2012 3:46 pm

Re: Cracking Passwords with John

Great short method document.  Thanks for the tip on the password file update.
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Tue Aug 07, 2012 3:18 am

Re: Cracking Passwords with John

Glad you liked it most of the tiops I guess people know already know but maybe some newbi into pentesting might not know the best approach for this.
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Tue Aug 28, 2012 1:26 pm

Re: Cracking Passwords with John

| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Wed Aug 29, 2012 12:20 am

Re: Cracking Passwords with John

Thank you for posting this.
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC

Return to Tutorials

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software