As always, make sure you've fully read the disclaimer so that you understand our policy BEFORE reading this article!

Password Cracking - Linux

Once you’ve got a hold of a Linux password hash, you’ll need something to crack it, and we’ve got just the thing. John the Ripper is a cracker available for both Windows and Linux, and can utilize both brute force and wordlist cracking methods.

John the Ripper

Password Hash

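You’ll need to get hold of the password hash from the /etc/passwd and/or /etc/shadow file. You can either use the unshadow command, which merges the two files into one, or copy the line manually from the file. Here is a sample file in that combined format (passwd fields, with the hash in the second field):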

root:$6$xZIa7utZ$yP6sOebstACt8cr7ZCpTqoBR3B3lmU/o8Dzzsh4eDoX5JKdddHsTfGxDsG5Q8IkQON7Shn4fxzo44z5oYV/8g0:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/bin/sh
bin:*:2:2:bin:/bin:/bin/sh
sys:*:3:3:sys:/dev:/bin/sh
sync:*:4:65534:sync:/bin:/bin/sync
games:*:5:60:games:/usr/games:/bin/sh
man:*:6:12:man:/var/cache/man:/bin/sh
lp:*:7:7:lp:/var/spool/lpd:/bin/sh
mail:*:8:8:mail:/var/mail:/bin/sh
news:*:9:9:news:/var/spool/news:/bin/sh
uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:*:13:13:proxy:/bin:/bin/sh
www-data:*:33:33:www-data:/var/www:/bin/sh
backup:*:34:34:backup:/var/backups:/bin/sh
list:*:38:38:Mailing List Manager:/var/list:/bin/sh
irc:*:39:39:ircd:/var/run/ircd:/bin/sh
gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:!:100:101::/var/lib/libuuid:/bin/sh
syslog:*:101:103::/home/syslog:/bin/false
messagebus:*:102:105::/var/run/dbus:/bin/false
colord:*:103:108:colord colour management daemon,,,:/var/lib/colord:/bin/false
usbmux:*:104:46:usbmux daemon,,,:/home/usbmux:/bin/false
avahi-autoipd:*:105:115:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false
avahi:*:106:116:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
kernoops:*:107:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false
pulse:*:108:117:PulseAudio daemon,,,:/var/run/pulse:/bin/false
rtkit:*:109:119:RealtimeKit,,,:/proc:/bin/false
hplip:*:110:7:HPLIP system user,,,:/var/run/hplip:/bin/false
kdm:*:111:65534::/home/kdm:/bin/false
saned:*:112:120::/home/saned:/bin/false
zyaga:$6$k9rX1xXJ$kcGV5Xxyhi55USckdt7axfFN6571fvfD/Faa3FsGT/uQ3fqx1U2NkaTFjdMfHOY1VMbhCiX80fabi2kut68EE1:1000:1000:Zyaga,,,:/home/zyaga:/bin/bash

The only part you need is the line for the user you want to crack. Here is an example of my user (this is taken from a VMware test machine).

zyaga:$6$k9rX1xXJ$kcGV5Xxyhi55USckdt7axfFN6571fvfD/Faa3FsGT/uQ3fqx1U2NkaTFjdMfHOY1VMbhCiX80fabi2kut68EE1:1000:1000:Zyaga,,,:/home/zyaga:/bin/bash

Once you have that line, save it to a file. Now onto installation and then cracking!
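
The fields of a line in this format can also be read programmatically, which is useful when auditing which accounts are locked and which hash scheme each one uses. The Python code below is an added example, not part of the original article or of John the Ripper: it reports the account status, the crypt scheme named by the $id$ prefix ($6$ is SHA-512 crypt), the salt and any rounds= parameter. The function name classify, the scheme table and the "legacy" entry are assumptions made for illustration.

```python
# Added example: classify the password field of passwd/unshadow-format lines.
# The prefix table covers common crypt(3) identifiers; it is not exhaustive.
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
           "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}
WEAK = {"md5crypt", "descrypt"}  # obsolete schemes, too fast to resist guessing

def classify(line):
    """Describe one name:password:uid:gid:gecos:home:shell line."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        raise ValueError("expected 7 colon-separated fields, got %d" % len(fields))
    user, pw = fields[0], fields[1]
    info = {"user": user, "status": "hash", "scheme": None,
            "salt": None, "rounds": None, "weak": False}
    if pw == "":
        info["status"] = "empty"        # no password required at all
    elif pw == "x":
        info["status"] = "shadowed"     # the real hash is in /etc/shadow
    elif pw[0] in "*!":
        info["status"] = "locked"       # no password login possible
    elif pw.startswith("$"):
        parts = pw.split("$")           # ['', id, (rounds=N,) salt, hash]
        info["scheme"] = SCHEMES.get(parts[1], "unknown")
        if info["scheme"] in ("md5crypt", "sha256crypt", "sha512crypt"):
            rest = parts[2:]
            if rest and rest[0].startswith("rounds="):
                info["rounds"] = int(rest[0][len("rounds="):])
                rest = rest[1:]
            info["salt"] = rest[0] if rest else None
    elif len(pw) == 13:
        info["scheme"] = "descrypt"     # traditional 13-character DES crypt
    else:
        info["status"] = "unknown"
    info["weak"] = info["status"] == "empty" or info["scheme"] in WEAK
    return info

# Three lines from the sample file above, plus one constructed md5crypt entry.
SAMPLE = [
    "daemon:*:1:1:daemon:/usr/sbin:/bin/sh",
    "libuuid:!:100:101::/var/lib/libuuid:/bin/sh",
    "zyaga:$6$k9rX1xXJ$kcGV5Xxyhi55USckdt7axfFN6571fvfD/Faa3FsGT/uQ3fqx1U2NkaTFjdMfHOY1VMbhCiX80fabi2kut68EE1:1000:1000:Zyaga,,,:/home/zyaga:/bin/bash",
    "legacy:$1$abcdefgh$0123456789abcdefghijkl:1001:1001::/home/legacy:/bin/bash",  # constructed
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(classify(entry))
```

A rounds value of None means the line carries no rounds= parameter, so the scheme's default cost applies.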

Installation

If you use Linux and have apt (apt-get, apt-cache, etc.) on your system, then just install using the command below.

sudo apt-get install john john-data

However, if you use Windows, just click here.

Demonstration