Extracting hash dumps from Windows machine It’s done we can see the password:test123 displayed on the screen. The cracked passwords are stored in john.pot which can be accessible with the command :~# cat /root/.john/john.pot :~# john –wordlist=/usr/share/john/password.lst hashfile We can there are various cracking modes available with John the Ripper, we are to use simple and powerful wordlist mode. Now you can see the X has been replaced with the actual hash values. etc/passwd : Password location /etc/shadow : Shadow file hashfile : Output file :~# unshadow /etc/passwd /etc/shadow > hashfile Now you should use the unshadow command in order to unmask/decrypt the passwords. Usage: unshadow PASSWORD-FILE SHADOW-FILE We can see the password hashed as X, to unmask the password we should use unshadow to unmask the passwords.
0 Comments
Leave a Reply. |