Cracking Passwords

Run john the ripper against the example file: john shadow $--$format:crypt

JTR will attempt to decipher the passwords and display any that it 'cracks' as it goes along:

"Single crack" mode, mangling username and other account information.

Dictionary attack using a default dictionary.

Hybrid attack.

Brute force $($it will try every possibly combination of characters: letters, numbers, and special characters$).$

Notice that at any time you can hit any key to see the current cracking status.

Single crack mode:

Observe that user

should be cracked first since the password is the same as the username.

Then

because it's just the username plus a special character.

Next

should be cracked as it's their username and a couple of digits.

Dictionary attack:

user$4$ and

should be cracked quickly as both their passwords are in the default wordlist.

Incremenal brute force:

After a few minutes into incremental brute force, stop john and take a screenshot.

Using different wordlist:

user$6$ and

have thus far evaded cracking... so let's try a different word list.

Keyboard walks refers to a word$-$list which are made up of adjacent keys on the keyboard like $12345678,$ or $1$qazxsw$2.$

Starting with the letter $"z",$ we move North West, hitting the $"$a$","q",$ and $"1"$ keys.

We then move East a row, hitting the number $"2",$ and then move South East back down the keyboard hitting the $"w"$ key and stopping on $"s".$

This would create the password, "zaq$12$ws$".$

I've already created a keywalk list using the tool kwprocessor.

Download the keywalk wordlist darr and use it with john.

Take a screenshot now that should now be cracked.

Creating a targeted wordlist:

So far user$7$ has escaped being cracked, but we'll fix that.

We have scoured their $ SocialMedia page and found they recently posted. Let's use that info.

Git clone down Mebus$/$cupp: Common User Passwords Profiler $($CUPP$)\_($

github.com$).$

CUPP is a Python $3$ program that will generate a targeted word list based on information you supply.

Here's the OSINT $G($open$-$source intelligence$)$ we've gathered about user$7$:

jasonsmith

$291K$ fallower