Password Cracking - Foren-Ken/tech-journal GitHub Wiki

Prerequisites:

Hash - This can be obtained from the file located at /etc/shadow. Reading it requires the root user, or a user with proper permissions to access the file.

The following command can be used to check which lines contain a hash: sudo cat /etc/shadow | grep \\$

Shadow Format:

Each line of the shadow file is made of multiple parts, but the most important for password cracking are the Username, Algorithm, Salt, and Hash. These four are seen in the following format: [Username]:$[Algorithm]$[Salt]$[Hash]:[Remainder of the Shadow Line] These are important because password cracking relies on all four items.
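The same fields can be read for an audit of how accounts are stored. This Python sketch is an added example, not part of the original wiki: it assumes the crypt(3) layout in which the password field is $id$salt$hash (optionally with a parameter field before the salt) and reports accounts still hashed with DES or MD5 crypt so they can be rehashed. The function names, the WEAK policy set and the sample lines are constructed for illustration.

```python
# Added example: sample lines are constructed; salts and hashes are placeholders.
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}
WEAK = {"descrypt", "md5crypt"}  # assumption: local policy treats these as too weak

def parse_shadow_line(line):
    """Split one shadow line into user, scheme, salt and hash.
    Returns None when the password field holds no hash ('*', '!', '!!', empty)."""
    fields = line.rstrip("\n").split(":")
    if len(fields) < 2:
        return None
    user, pw = fields[0], fields[1]
    locked = pw.startswith("!")        # a leading '!' marks a locked account
    pw = pw.lstrip("!")
    if pw in ("", "*"):
        return None
    if not pw.startswith("$"):         # no $id$ prefix: traditional DES crypt
        if len(pw) != 13:              # DES crypt is 2 salt chars + 11 hash chars
            return None
        scheme, salt, digest = "descrypt", pw[:2], pw[2:]
    else:
        parts = pw.split("$")          # ['', id, (params...), salt, hash]
        if len(parts) < 4:
            return None
        scheme = SCHEMES.get(parts[1], "unknown:" + parts[1])
        salt, digest = parts[-2], parts[-1]
    return {"user": user, "scheme": scheme, "salt": salt, "hash": digest, "locked": locked}

def weak_accounts(lines):
    """Return (user, scheme) for every account whose hash uses a weak scheme."""
    found = []
    for line in lines:
        entry = parse_shadow_line(line)
        if entry and entry["scheme"] in WEAK:
            found.append((entry["user"], entry["scheme"]))
    return found

SAMPLE = [
    "root:$6$rounds=5000$SALTSALT$HASHPLACEHOLDER:19000:0:99999:7:::",
    "alice:$y$j9T$SALTSALT$HASHPLACEHOLDER:19000:0:99999:7:::",
    "legacy:$1$SALTSALT$HASHPLACEHOLDER:15000:0:99999:7:::",
    "backup:!$1$SALTSALT$HASHPLACEHOLDER:15000:0:99999:7:::",
    "daemon:*:18000:0:99999:7:::",
    "sshd:!!:18000::::::",
]

if __name__ == "__main__":
    for user, scheme in weak_accounts(SAMPLE):
        print(f"{user}: {scheme} should be rehashed with a stronger scheme")
```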

How to Unshadow:

The "unshadow" utility, derived from John the Ripper, is very simple to use and has the following syntax: unshadow [passwd file] [shadow file] > unshadowed.txt

How to crack with John

Cracking with John is done with the following syntax: john --format=crypt --wordlist=[wordlistfile] [unshadowed file]

How to crack with Hashcat

Cracking with hashcat can be done with the following syntax: hashcat -m [hash mode code] -a [attack mode] -o [output file] [shadow file] [wordlist]

Hash Methods

To see a list of hash methods, the following guide can be referenced: "Understanding /etc/shadow file format on Linux"