John the Ripper Notes

It seems John the Ripper is a little more complex than I remember. With the Ubuntu repo'd version of John I am unable to create a recognizable MD5 hash for John to decrypt (no hashes loaded). Still working with John, but in the meantime:

echo 'fake:$1$O3JMY.Tw$AdLnLjQ/5jXF9.MTp3gHv/' > hash

This writes a hash that John the Ripper will recognize to a file called hash. However, my goal is to create an MD5 hash of "12345" and set John's incremental parameters to brute-force 5 characters [0-9]. This venture just serves to remind me that pen testing is not a part-time job, as I am playing catch-up now.

This will create an MD5-compatible hash for testing:

openssl passwd -1 password  (use this instead)

Change password to whatever you want to hash.

With a salt:

openssl passwd -1 -salt rty  password
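A quick way to check a hash file before handing it to john, written as an added example that is not part of the original notes: it tests whether each line has the `$1$salt$hash` layout that `openssl passwd -1` prints, and flags a bare 32-hex-character MD5 digest, which is a different format. The function names are hypothetical, and the regular expression encodes the md5crypt string layout as an assumption; it is not John's own validation code.

```shell
#!/bin/sh
# Added example: sanity-check "user:hash" lines before running john on them.
# Assumed md5crypt layout: $1$ + salt (0-8 chars) + $ + 22 chars from
# [./0-9A-Za-z], where the last char carries only 2 bits, so it is one of ./01

# Print md5crypt, raw-md5-hex or unknown for one line of a hash file.
classify_hash_line() {
    line=$1
    case $line in
        *:*) hash=${line#*:} ;;   # drop the leading "user:" label
        *)   hash=$line ;;        # bare hash with no label
    esac
    hash=${hash%%:*}              # ignore any further passwd-style fields
    if printf '%s\n' "$hash" |
        grep -Eq '^\$1\$[./0-9A-Za-z]{0,8}\$[./0-9A-Za-z]{21}[./01]$'; then
        echo md5crypt
    elif printf '%s\n' "$hash" | grep -Eq '^[0-9A-Fa-f]{32}$'; then
        echo raw-md5-hex          # plain MD5 digest, not the $1$ crypt format
    else
        echo unknown
    fi
}

# Report every non-empty line of a file; non-zero status if any line is
# not md5crypt, so the check can gate a later john run in a script.
check_hash_file() {
    rc=0
    while IFS= read -r l || [ -n "$l" ]; do
        [ -n "$l" ] || continue
        kind=$(classify_hash_line "$l")
        printf '%s\t%s\n' "$kind" "${l%%:*}"
        [ "$kind" = md5crypt ] || rc=1
    done < "$1"
    return $rc
}

# Stand-alone use: sh check.sh hash
if [ -n "${1:-}" ]; then
    check_hash_file "$1"
fi
```

Running it on the `hash` file created above should report `md5crypt` for the `fake` entry.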
 
John's configuration file is located in:
 
/etc/john 
 
.chr files are required for incremental mode; they are found in /usr/share/john/

By adjusting the incremental settings in the John configuration file, I am now able to achieve the original task.

The location of john's default word list is /usr/share/john/password.lst

Run john in brute-force mode using digits only:

john --incremental:Digits name-of-file

Run john against a word list, specifying the hash format:

john password_sha1.txt --format=md5crypt -w=password.lst

