JTR-Cracking Linux passwords-Long Version_11_29_2023

School

Baruch College, CUNY *

Course

2410

Subject

Information Systems

Date

Dec 6, 2023

Pages

18

Uploaded by ejeah97

The lab Breakdown

READ: If your hashing algorithm uses “$6$”, use --format=sha512crypt, and if it uses “$y$”, use --format=crypt

Lab summary: We are going to create a few users whose passwords we are going to crack using John the Ripper (JTR). This is a two-part lab. In the first part of the lab we are going to use a wordlist named “rockyou.txt” that is included with Kali Linux; it contains about 14 million possible passwords. In the second part of the lab, we will create and use a custom wordlist to crack the passwords.

Phases of the lab
Phase#1: Create some test users on the Kali VM with passwords.
Phase#2: Use the “pwunconv” command to combine the /etc/passwd and /etc/shadow files into a single file.
Phase#3: Use the “rockyou.txt” wordlist to attempt to crack the passwords.
Phase#4: Create a custom “wordlist” (password file) containing the users’ passwords.
Phase#5: Use John the Ripper to attempt to crack the passwords using the custom password file.

Remember, john needs 3 things:
- A wordlist (wordlists are text files that contain potential passwords that password crackers like John the Ripper use to crack passwords)
- A file containing the username + password hash pairs
- The name of the hashing algorithm used by the operating system (--format=NT or --format=sha512crypt)

Basic Syntax
john --format=?? --wordlist=path/to/wordlist.txt path/to/filetocrack.txt
Hands-on

DO: Start the “Kali Linux VM”, log on as “root” and create some test users with passwords that are easy to crack.

User Creation
Let’s create a few users and set their passwords.

Syntax: useradd -m <username> ; create a new user account
Syntax: passwd <username> ; set/reset a user’s password

DO: Type useradd -m cbrown ; create a new user named cbrown
DO: Type passwd cbrown ; set his password to six ones (111111)
DO: Use the “cbrown” example as reference and create the other users in the table below with the indicated passwords. The “RED” characters are UPPERCASE letters.
Note: snoopy and linus have the same password.

Username     Password
cbrown       111111
woodstock    W!nter2020
snoopy       P@$$w0rd     ; 0 is the number zero
lucy         B@rtic@
linus        P@$$w0rd     ; 0 is the number zero
pigpen       p@ssword     ; o is the letter “oh”

DO: Reset root’s password to “w!nter2009”
Q: What command did you type? _____________________________________________
DO: Clear the screen then type tail -n 6 /etc/passwd to display the last five lines of the /etc/passwd file; you should see the five users that were created. You should see a picture similar to the following.
What is the User Identification (UID) of snoopy? _____________________
DO: Clear the screen then type tail -n 6 /etc/shadow to display the last five lines of the /etc/shadow file; you should see the hashed passwords of the six users that were created.
DO: Type pwunconv ; this will combine the /etc/passwd and /etc/shadow files into one file, the /etc/passwd file. The shadow file will no longer exist.
The following picture illustrates the effect of the “pwunconv” command, using sholmes to illustrate.
READ: Now that we have all accounts and hashes in one file, we are going to use the “grep” command to copy the accounts of interest to a file named “filetocrack.txt”, which we will tell john to crack.
DO: Type grep root /etc/passwd ; display all entries with the string “root” in them
DO: Type grep -w root /etc/passwd ; tell grep to display only lines that have the word (w) root. Look at the following screenshot.
DO: Type the “grep” commands in the following picture to extract only the entries of interest from the /etc/passwd file and send them to a file named “filetocrack.txt”. The “filetocrack.txt” file is the file we will tell john to crack.
Note: Alternately, you can use the following command to do the same thing as the screenshot:
grep -E '^(root|cbrown|woodstock|snoopy|lucy|linus|pigpen)' /etc/passwd > filetocrack.txt
DO: Clear the screen then type cat filetocrack.txt ; you should see something similar to the following. The file only contains the seven accounts whose passwords we will attempt to crack.
NOTE: The file contains both the “usernames” and the “hashed passwords”.

Let’s return the system to its normal state.
DO: Type pwconv ; separates the /etc/passwd and the /etc/shadow files
DO: Type the two commands shown in the following screenshot and note the result.
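The “$6$” / “$y$” rule from the lab breakdown can be read straight off the hash field of each entry. The following is an added example, not part of the original lab: it classifies passwd-format lines by hash prefix and prints the --format value the lab gives for that prefix. The function names and the sample entries (placeholder salts and digests) are assumptions made for the illustration; other prefixes are named but get no --format because the lab does not cover them.

```shell
#!/bin/sh
# Added example: classify the hash field of passwd-format lines
# (user:hash:uid:gid:...) by its "$id$" prefix.

# hash_scheme HASH -> prints the scheme name for one hash field.
hash_scheme() {
    case "$1" in
        ''|'x')        echo "none" ;;         # empty, or hash lives in /etc/shadow
        '!'*|'*'*)     echo "locked" ;;       # password login disabled
        '$6$'*)        echo "sha512crypt" ;;
        '$y$'*)        echo "yescrypt" ;;
        '$5$'*)        echo "sha256crypt" ;;
        '$1$'*)        echo "md5crypt" ;;
        '$2'[aby]'$'*) echo "bcrypt" ;;
        *)             echo "unknown" ;;
    esac
}

# john_format HASH -> the --format value this lab names for the hash, or "-".
john_format() {
    case "$(hash_scheme "$1")" in
        sha512crypt) echo "sha512crypt" ;;    # "$6$" per the lab
        yescrypt)    echo "crypt" ;;          # "$y$" per the lab
        *)           echo "-" ;;              # not covered by the lab
    esac
}

# report FILE -> one "user scheme format" line per entry in FILE.
report() {
    while IFS=: read -r user hash _rest; do
        [ -n "$user" ] || continue
        printf '%s %s %s\n' "$user" "$(hash_scheme "$hash")" "$(john_format "$hash")"
    done < "$1"
}

# Constructed sample; salts and digests are placeholders, not real hashes.
sample=$(mktemp)
cat > "$sample" <<'EOF'
cbrown:$6$SALTPLACEHOLDER$DIGESTPLACEHOLDER:1001:1001::/home/cbrown:/bin/sh
lucy:$y$j9T$SALTPLACEHOLDER$DIGESTPLACEHOLDER:1004:1004::/home/lucy:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
sholmes:x:1007:1007::/home/sholmes:/bin/sh
EOF
report "$sample"
rm -f "$sample"
```

An entry reported as “none” with an “x” in the hash field means the file was copied after pwconv, so it holds no hash for john to work on.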
Let’s get the “rockyou.txt” wordlist
Note: To use the “rockyou.txt” wordlist you must first uncompress it.
DO: Type ls -lh /usr/share/wordlists/rockyou.txt.gz ; displays the file
What’s the compressed size of the file? ______________________________
DO: Type gunzip /usr/share/wordlists/rockyou.txt.gz ; uncompress the file
DO: Type ls -lh /usr/share/wordlists/rockyou.txt
What’s the uncompressed size of the file? _______________________________
DO: Type wc -l /usr/share/wordlists/rockyou.txt ; use the word count (wc) command to count the number of lines (entries) in the file
How many lines (potential passwords) are in the file (the leftmost number)? _____________
DO: Type grep head /usr/share/wordlists/rockyou.txt ; list possible passwords that have the string “head” as part of them
DO: Type grep head /usr/share/wordlists/rockyou.txt | wc -l ; uses the word count (wc) command to count how many potential passwords have the string “head” in them. Don’t do anything, just wait until it finishes on its own.
DO: Type cp /usr/share/wordlists/rockyou.txt /root ; copy the file to /root to avoid having to type in a long path
DO: Type ls ; list the content of the current directory, you should see the rockyou.txt file
READ: Before we attempt to crack the passwords, let’s determine how many of the passwords we intend to crack are in the “rockyou.txt” file; this will tell us how many of the passwords will eventually be cracked by john.
NOTES: If the password is in the file, it means that eventually john will be able to crack it; if the password is not in the file, it means that john will not be able to crack the password.
READ: In the following commands, be sure to surround the passwords with single quotes, the one that shares the same key as the double quotes.
DO: Type grep -w '111111' rockyou.txt ; is the password in the file? Y/N
DO: Type grep -w 'P@$$w0rd' rockyou.txt ; is the password in the file? Y/N
DO: Type grep -w 'W!nter2020' rockyou.txt ; is the password in the file? Y/N
DO: Type grep -w 'p@ssword' rockyou.txt ; is the password in the file? Y/N
DO: Type grep -w 'B@rtic@' rockyou.txt ; is the password in the file? Y/N
DO: Type grep -w 'w!nter2009' rockyou.txt ; is the password in the file? Y/N
DO: List the users whose passwords will eventually be cracked: _____________________
________________________________________________________________________
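Added example (not part of the original lab): grep -w reports a hit whenever the pattern appears on a line bounded by non-word characters, so a wordlist entry such as 111111! also counts as a hit for 111111 even though john would try it as a different password. The sketch below compares that with an exact whole-line lookup (grep -F -x) and returns the line number of the hit, which is how far down the wordlist the password sits; the function names and the small wordlist are constructed for the illustration.

```shell
#!/bin/sh
# Added example: exact-line lookup of a candidate password in a wordlist.

# wordlist_line WORDLIST PASSWORD -> line number of the first exact match, or 0.
#   -F  treat the password as a literal string, not a regular expression
#   -x  the whole line must equal the password
#   -n  print the line number; -m 1 stops at the first hit
wordlist_line() {
    n=$(grep -n -m 1 -F -x -e "$2" "$1" | cut -d: -f1)
    echo "${n:-0}"
}

# loose_hits WORDLIST PASSWORD -> number of lines that grep -w reports.
loose_hits() {
    grep -c -w -e "$2" "$1" || true   # grep exits 1 on zero hits; still prints 0
}

# Constructed wordlist standing in for rockyou.txt (entries are made up).
wl=$(mktemp)
printf '%s\n' '123456' '111111!' 'x-p@ssword' 'P@$$w0rd' '111111' > "$wl"

# The six passwords used in this lab.
for pw in '111111' 'P@$$w0rd' 'W!nter2020' 'p@ssword' 'B@rtic@' 'w!nter2009'; do
    printf '%-12s exact_line=%s grep_w_hits=%s\n' "$pw" \
        "$(wordlist_line "$wl" "$pw")" "$(loose_hits "$wl" "$pw")"
done
rm -f "$wl"
```

An exact_line of 0 with grep_w_hits above 0 is a false positive from -w: the string appears inside another entry, but the password itself is not a line of the wordlist.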
Time to crack the passwords
READ: If your hashing algorithm uses “$6$”, use --format=sha512crypt, and if it uses “$y$”, use --format=crypt
DO: Type john --format=sha512crypt --wordlist=rockyou.txt filetocrack.txt
Note: It should crack “cbrown” password quickly. Refer to the following picture.
DO: Wait for about 5 minutes and pigpen’s password will be cracked. Refer to the following picture.
DO: Press “CTRL+C” or the letter “q” to temporarily pause the cracking process and go to the command prompt.
DO: Type john --show filetocrack.txt ; display cracked passwords
You should see the following.
DO: Type john --restore ; resume the cracking
DO: Press “any” key to display the current potential password that JTR is trying.
DO: WAIT 30 minutes and see if JTR can crack any others, then press “CTRL+C” to exit.
Q: Were any other passwords cracked after 30 minutes? Y/N
DO: List the names of the users whose passwords were cracked
________________________________________________________________________
DO: List the names of the users whose passwords were not cracked
________________________________________________________________________
DO: Type john --show filetocrack.txt ; displays the names and corresponding cracked passwords
DO: Take a screenshot and paste it below.
Part2: Creating and using a “custom” wordlist
READ: The first thing that has to be done is to “zero or delete” the .john/john.pot file, since john will not re-crack passwords that have already been cracked.
DO: Type rm -rf .john/john.pot ; delete “john.pot” to start from scratch, the file will automatically be created when john is run

Let’s create a small custom wordlist
READ: The following commands will use the “echo” command to place some potential passwords in a text file named “mywordlist.txt”. Wordlists are text files that contain potential passwords that John the Ripper uses to crack passwords. The single quote is on the same key as the double quote and is required so that special characters like “@” and “$” are accepted as characters in a password.
DO: Type the following lines to create a wordlist named “mywordlist.txt”
NOTE: “p@ssword” and “w!nter2009” have been left out on purpose to see what happens when john reaches the end of the password list and no “match” is found.
DO: Type cat mywordlist.txt to display the content of the file. You should see the following.
READ: If you do not see all six passwords, exactly as shown in the previous screen, then type rm -rf mywordlist.txt to delete the file, and then re-type the “echo” commands.

OK, let’s get cracking
DO: Type john --format=sha512crypt --wordlist=mywordlist.txt filetocrack.txt
READ: All passwords that are in the “mywordlist.txt” file should be cracked within a few seconds, and you will exit from john because it has run out of potential passwords to try.
Note: Pigpen’s (p@ssword) and root’s (w!nter2009) passwords are not in the custom wordlist, so they were not cracked.
DO: Type cat .john/john.pot ; shows all cracked passwords and corresponding hashes (but not names). Refer to the following screenshot.
DO: Type john --show filetocrack.txt ; you should see the following, which shows all of the cracked passwords and the corresponding names.

OK, let’s add the two missing passwords to the “mywordlist.txt” file, delete the john.pot file and then try to crack again.
DO: Type echo 'p@ssword' >> mywordlist.txt
DO: Type echo 'w!nter2009' >> mywordlist.txt
DO: Type cat mywordlist.txt ; the updated wordlist; you should see the following
Let’s delete the “john.pot” file
DO: Type rm -rf .john/john.pot ; this will delete the “john.pot” file

Let’s crack again
DO: Type john --format=sha512crypt --wordlist=mywordlist.txt filetocrack.txt
DO: Type cat .john/john.pot ; display cracked passwords (no names are shown)
DO: Type john --show filetocrack.txt ; you should see the following, which shows both the cracked passwords and the corresponding names.
Conclusion: john’s ability to crack passwords depends on a wordlist that has the potential password in it. If the wordlist contains the password but is a big file (many passwords), the password will eventually be cracked, but it will take time depending on where in the file the potential password is located (top of file? middle of file? all the way at the bottom of the file?): hours? days? weeks? If the password file does not contain the password, john will exit and the password will not be cracked.

Answer the following question: