19BCT0021
Swayam Shresth Mohapatra
CSE-3501 ISAA
L55+56
Password Cracking
Password cracking refers to various measures used to discover computer passwords.
This is usually accomplished by recovering passwords from data stored in, or
transported from, a computer system. Password cracking is done by repeatedly
guessing the password, usually through a computer algorithm in which the
computer tries numerous combinations until the password is successfully
discovered.
The top password-cracking techniques used are:
Phishing
Social Engineering
Malware
Brute-force Attack
Dictionary Attack
Mask Attack
Rainbow-table Attack
Spidering
In this experiment, we will use ‘John the Ripper’ on Ubuntu for password
cracking. We will use a brute-force attack that searches a dictionary (wordlist) file.
First, run the command to install John the Ripper:
sudo apt-get install john
Then, edit the common-password file to change the hashing algorithm from sha512
to md5, which reduces the operation time for testing purposes.
Switch to the root user. Create a new test directory and give it root permissions.
Use the wget command to download the dictionary file, which is stored at
[Link]
Then add a new user named ‘kitten’ and set the password to ‘seafood’.
Finally, run John the Ripper using the following command:
john -w:/test/[Link] /etc/shadow
It takes some time to brute-force, and as we can see, the credentials are visible,
so the password is cracked. Press Ctrl+C to stop when done.
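
A defender-side check related to the md5 step above, as an added example that is not part of the original lab write-up: it parses shadow-format lines and reports accounts whose hash uses a weak scheme, such as the md5crypt ($1$) hashes this lab produces. The sample lines and their SALT/HASH bodies are constructed placeholders, and the function names are hypothetical.

```python
# Added example: audit shadow-format lines for weak password-hash schemes.
# All sample lines are constructed; SALT/HASH bodies are placeholders.

# crypt(5) scheme identifiers found between the first two '$' characters.
IDS = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
       "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
WEAK = {"md5crypt", "descrypt", "empty"}

def classify(field):
    """Return the hash scheme name for the second field of a shadow line."""
    if field == "":
        return "empty"                 # no password required at all
    body = field.lstrip("!")           # leading '!' marks a locked password
    if body in ("", "*"):
        return "locked"                # no usable hash stored
    if body.startswith("$"):
        parts = body.split("$")        # ['', id, (params,) salt, hash]
        return IDS.get(parts[1], "unknown")
    # Legacy DES crypt has no '$' prefix and is always 13 characters.
    return "descrypt" if len(body) == 13 else "unknown"

def audit(lines):
    """Return [(user, scheme)] for accounts whose scheme is in WEAK."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue                   # malformed line, skip it
        scheme = classify(fields[1])
        if scheme in WEAK:
            findings.append((fields[0], scheme))
    return findings

SAMPLE = [  # constructed shadow-format lines, not taken from a real system
    "root:!:19000:0:99999:7:::",
    "daemon:*:19000:0:99999:7:::",
    "alice:$6$SALTSALT$HASHPLACEHOLDER:19000:0:99999:7:::",
    "kitten:$1$SALTSALT$HASHPLACEHOLDER:19500:0:99999:7:::",
    "bob:$y$j9T$SALTSALT$HASHPLACEHOLDER:19500:0:99999:7:::",
    "guest::19500:0:99999:7:::",
]

if __name__ == "__main__":
    for user, scheme in audit(SAMPLE):
        print(f"{user}: {scheme}")
```

Changing the PAM setting back to sha512 does not rehash existing passwords, so an account created during the test keeps its $1$ hash until its password is changed or the account is removed.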