Scribd
Upload
26 views2 pages

Cracking Passwords with John & Hashcat

This document outlines a lab exercise for cracking secure password hashes using Kali Linux. It provides step-by-step instructions for using tools like John the Ripper and Hashcat to identify and crack password hashes, including brute-force and wordlist attack methods. Additionally, it includes guidance on extracting and cracking the user's actual Kali password from the system's shadow file.

Uploaded by

kietnase172572
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
26 views2 pages

Cracking Passwords with John & Hashcat

This document outlines a lab exercise for cracking secure password hashes using Kali Linux. It provides step-by-step instructions for using tools like John the Ripper and Hashcat to identify and crack password hashes, including brute-force and wordlist attack methods. Additionally, it includes guidance on extracting and cracking the user's actual Kali password from the system's shadow file.

Uploaded by

kietnase172572
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd

LAB 8 - CRACKING SECURE PASSWORD HASHES IN KALI LINUX

Name: (required)
Student ID: (required)
0. What you need
 A system running Kali Linux.a
 Basic knowledge of the Linux command-line interface.a
 John the Ripper (Jumbo version) and Hashcat installed.
1. The Hash File
 A file named [Link] is provided.
 You must determine the hashing algorithm used.
2. Attempt Cracking Without Identifying the Hash Type
 Attempt with John the Ripper
john --wordlist=/usr/share/wordlists/[Link] [Link]
 Attempt with Hashcat
hashcat -a 0 [Link] /usr/share/wordlists/[Link]
If neither works, proceed to the next step to determine the hash type.
3. Identifying the Hash Type
After attempting blind cracking, determine the hashing algorithm using:
hashid [Link]
OR
john --list=formats | grep -i sha
OR
hashcat -m 99999 [Link] --show
4. Cracking with John the Ripper
 Brute-Force Attack
john --incremental [Link]
 Wordlist Attack
john --format={hashing method} --wordlist=/usr/share/wordlists/[Link]
[Link]

5. Cracking with Hashcat


 Brute-Force Attack\
hashcat -m {hashing-code} -a 3 [Link] ?a?a?a?a?a?a?a
 Wordlist Attack
hashcat -m {hashing-code} -a 0 [Link] /usr/share/wordlists/[Link]

6. Viewing Cracked Passwords


 John the Ripper:
john --show [Link]
 Hashcat:
hashcat --show -m {hashing-code} [Link]
 Example output: kali:supersayan

7. Attempt Cracking your actual Kali password


 Extract password hashes from /etc/shadow
sudo cat /etc/shadow | grep kali > [Link]
 Using above methods to crack it. Good luck!
Submission:
 Provide captured screenshots accordingly (meaningful areas only).
 Name this file as "YourName_StudentID_Lab8" in docx / PDF format.

You might also like