============================================
Back To The Basics On Password File Cracking
============================================
Author : Netw0rk Bug
E-Mail : bug@netw0rk.freeserve.co.uk
Date   : 14th January 1999
============================================

There are people out there who still don't know how to crack a passwd file, so I wrote this tutorial on using John The Ripper to crack them.

First of all you will need to download the cracker. There are dozens available on the net, however I recommend that you download John The Ripper. Get the latest version from its homepage:

http://www.false.com/security/john/

There are different ways of using John The Ripper to crack passwd files. I am briefly going to describe them.

The first method that you should try is the single crack mode. This is bound to get the most passwords cracked in the little time that it takes. Basically what it does is take the username and then try different variations of it as the password. You'd be surprised how many people choose a password that is the same as their username. Anyway... to run John The Ripper in single crack mode, make sure you are in a command prompt in the directory where john is located, and type the command:

john -single <passwdfile>

That's without the < and >. Depending on the size of the passwd file and the speed of your puter this will take 10-30 seconds. As the passwords are cracked they will show up on the screen. The cracked passwords will then be stored in the file john.pot, which is in the same directory as John. So if you ever want to see the accounts that you have cracked from a certain passwd file, you need to issue the command:

john -show <passwdfile>

Now that is the quickest way to crack a couple of accounts.

The next method that you should try is using a wordlist. Basically you define a wordlist and then john will go through each word and see if it is the password for any of the accounts in the passwd file.

So you now need to go and get a dictionary file or wordlist of some sort. There is one that comes with john which contains a list of popular passwords that people choose; to try with that wordlist you need to issue the command:

john -wordfile:<wordlist> <passwdfile>

The name of the wordlist that comes with john is password.lst. Next, go ahead and download some dictionary files off the net. Try:

ftp://sable.ox.ac.uk/pub/wordlists/

The third way of using john is by far the most powerful method. However, this can take some time. This method is brute forcing the passwd file: John goes through every single combination of characters possible, so as you can imagine this can take some time. This is called incremental mode. However, there are different types of incremental mode that you can use:

1) Alpha mode. This only uses 26 different characters.
2) Digits mode. This only uses the 10 different digits.
3) All mode. This uses all 96 characters.
4) Lanman mode. This uses the 69 lanman characters.

So now you're asking yourself, how the hell do you use these different modes? Well, it's simple. You just type the command:

john -incremental:<mode> <passwdfile>

In place of mode you can put either all, alpha, digits or lanman (that's without the commas and the full stop, by the way).

A little tip for you. If you want to crack more than one passwd file at once then you type the command:

john -single <passwdfile1> <passwdfile2>

You can do this in all modes of passwd cracking and use as many passwd files as you want.

Now if you are using the incremental modes then this will take some time, and the chances are that you will want to use your puter for other purposes or maybe switch it off or something. So if you are using incremental modes then you may want to save where you are up to in your password cracking. This can easily be done. Whenever you press a key while john is cracking away you will see your progress, and it will also save its position in a file called restore in the same directory. So all you need to do is press the space bar or something so john saves where it is up to, then if you press CTRL+C it will stop cracking. When you want to come back and carry on with your cracking you issue the command:

john -restore

And that's all there is to it.

I'll cya all soon. Don't be afraid if any of you newbies want to mail me and ask questions. I won't bite your head off like most people would, well at least I promise not to draw blood anyway.
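The three modes above also describe, in the same order, the checks an administrator wants to run before a password ever lands in the passwd file: is it a variation of the login name (what single crack mode finds), is it in a common-password list (what the wordlist run finds), and is its character set and length so small that an incremental run over that set is cheap. The following is an added example written for this page, not code from John The Ripper or from the tutorial's author. The tiny word list standing in for password.lst, the username-variation rules and the 48-bit acceptance threshold are constructed assumptions; the character-set sizes (26, 10 and 96) are the ones the tutorial gives for the alpha, digits and all modes.

```python
"""Defender's-side counterpart to the three John modes in the tutorial:
a password-acceptance check that rejects what single-crack mode, a
common-password wordlist or a short incremental run would recover fast.
Added example; not code from John the Ripper or from the tutorial."""
import math
import re

# Constructed stand-in for password.lst (assumption: a few typical entries).
COMMON_WORDS = frozenset(
    {"password", "123456", "qwerty", "letmein", "welcome", "secret", "monkey"}
)

# Character-set sizes the tutorial gives for the alpha, digits and all modes.
ALPHA_SIZE, DIGITS_SIZE, ALL_SIZE = 26, 10, 96

# Minimum search space, in bits, before a password stops counting as
# "within reach of incremental mode". Assumed policy value, not from the page.
MIN_KEYSPACE_BITS = 48


def username_variants(username: str) -> set[str]:
    """Candidates in the spirit of single crack mode: the login name itself,
    case changes, reversal and a few digit/punctuation affixes.
    (Assumed rule set; John's real rules are richer.)"""
    base = username.lower()
    variants = {base, base.upper(), base.capitalize(), base[::-1]}
    variants |= {base + str(n) for n in range(100)}          # alice0 .. alice99
    variants |= {base + s for s in ("!", "123", "1234", "2000")}
    variants |= {s + base for s in ("1", "123")}
    return variants


def charset_size(password: str) -> int:
    """Smallest of the tutorial's incremental character sets that covers the
    password: digits only -> 10, lowercase letters only -> 26, anything else -> 96."""
    if password.isdigit():
        return DIGITS_SIZE
    if password.isalpha() and password == password.lower():
        return ALPHA_SIZE
    return ALL_SIZE


def keyspace_bits(password: str) -> float:
    """log2(charset_size ** len(password)): an upper bound on the number of
    guesses an incremental run over that character set needs."""
    if not password:
        return 0.0
    return len(password) * math.log2(charset_size(password))


def check_password(username: str, password: str, wordlist=COMMON_WORDS):
    """Return (accepted, reason). The checks mirror the tutorial's modes in the
    order it recommends running them: single, wordlist, incremental."""
    if password.lower() in {v.lower() for v in username_variants(username)}:
        return False, "derived from username"
    # Wordlist check, tolerant of the common "word + trailing digits" habit.
    stem = re.sub(r"\d+$", "", password.lower())
    if password.lower() in wordlist or stem in wordlist:
        return False, "in common wordlist"
    if keyspace_bits(password) < MIN_KEYSPACE_BITS:
        return False, "within reach of incremental mode"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample pairs, one per rejection reason plus one acceptable password.
    for user, pw in [("alice", "alice123"), ("alice", "Password1"),
                     ("bob", "abcdefgh"), ("bob", "Tr0ub4dor&3")]:
        print(f"{user!r:10} {pw!r:16} -> {check_password(user, pw)}")
```

The threshold is the knob worth thinking about: 8 lowercase letters sit at about 37.6 bits (26^8), 8 characters from the 96-character set at about 52.7 bits (96^8), so the same length passes or fails depending purely on which incremental character set would cover it, which is exactly why the tutorial's alpha run finishes so much sooner than its all run.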