How to crack passwords of Linux users!: In Linux, the passwords of the users will be encrypted with an algorithm called a shadow.
By using the unshadow algorithm we can get the hashes of the passwords.
Through these hashes, we can get the password by using a tool called john.
John will help to crack the hashes of the passwords.
Installing John The Ripper:
$ sudo apt-get install john
$ locate passwd
???? this command will help us to locate the directory of the password file
$ locate shadow
☝ this command will help to locate the shadow file.
$ man unshadow
???? the command helps to get the details of the “unshadow”.
Syntax to use unshadow ????:
$ unshadow passowrd-file shadow-file
This syntax helps to combine the shadow file and password file and the resultant will stored in file name called dump.
$ unshadow /etc/passwd /etc/shadow
$ unshadow /etc/passwd /etc/shadow > 1.txt
$ john 1.txt
Cracking using the wordlist:
The most used wordlist for cracking is “rockyou.txt”. This text file contains millions of the most used passwords.
$ john --wordlist=path_of_wordlist_file filename_of_hashes
Creating a custom wordlist using crunch:
Custom wordlists help us to create the wordlists of our style/pattern.
$ sudo apt-get install crunch
Syntax of crunch:
$ crunch min max charset options
min and max are the numbers which tells the min length and max length of the words. Character set for crunch:
- Loweralpha numeric
- Mix alpha
- Mix alpha-numeric
$ crunch 1 8
This command will display a wprd list that starts with “a” and ends with “z” with a length of 1 to 8.
$ crunch 1 6 abcdefg
This command will display a wordlist that starts with “a” and ends with “g” with a length of 1 to 6.
$ crunch 2 3 lok123 -o /root/Desktop/3.txt
Here -o represents to send the wordlist to the specified file
This command will create an alpha-numeric wordlist that starts with length 2 and ends with length 3 and saves the wordlist in the file 3.txt.
$ crunch 4 5 -f /usr/share/rainbowcrack/charset.txt loweralpha-numeric -o /root/Desktop/4.txt
How to prevent this from attacker:
- Limit the access to the file for the specific users. Recommended: Only root user should have access to those files.
- Keep yourself low: Use the normal use for your purposes.
- Keep changing your passwords within 3 months.
- Do not share your passwords with anyone.
- Keep the passwords that can’t be guessed by the attacker.
–regards Lokesh Dachepalli