Create six users without passwords
Design six passwords with different levels of complexity, such as a dictionary word (must have),
dictionary word + numbers, dictionary word + symbol, etc. List them in a table in your report.
Remember, do not use the passwords for your real accounts.
Assign the above passwords to the users you created in step 2.
Export above users’ hash and use John the Ripper to crack their passwords in wordlist mode.
You can use the default wordlist "rockyou.txt" on Kali Linux or download a new one from the
Internet.
Show me the results after five minutes’ cracking
Creating six users:
user_1 |
user_2 |
user_3 |
user_4 |
user_5 |
user_6 |
Designing six passwords
lemon786 |
machine@ |
circle360 |
robot# |
evil666 |
dollar$ |
Assigning passwords to the users
user_1 | lemon786 |
user_2 | machine@ |
user_3 | circle360 |
user_4 | robot# |
user_5 | evil666 |
user_6 | dollar$ |
Generating hashes of passwords
user_1 | lemon786 | 49f7066acfec177795f34b7f54e6dfd0 |
user_2 | machine@ | f61af31bc293001146c5acab10b8da42 |
user_3 | circle360 | dbd832e0423a4f26b0e6467db9990d70 |
user_4 | robot# | 4b3311e31f23238f748278cec14aa213 |
user_5 | evil666 | e52e497cfe6a2a24f8e8af8715c19013 |
user_6 | dollar$ | 9ec32cd64b93e88bf7c060e257256216 |
Cracking the passwords using John the Ripper with wordlist as rockyou.txt
a) Create a file named passwords.txt
user_1:49f7066acfec177795f34b7f54e6dfd0
user_2:f61af31bc293001146c5acab10b8da42
user_3:dbd832e0423a4f26b0e6467db9990d70
user_4:4b3311e31f23238f748278cec14aa213
user_5:e52e497cfe6a2a24f8e8af8715c19013
user_6:9ec32cd64b93e88bf7c060e257256216
b) locate the rockyou.txt using locate rockyou.txt command and copy the file to /home/kali/
c) Use the following command to start the cracking process
sudo john --format=raw-md5 --wordlist=/home/kali/rockyou.txt /home/kali/passwords.txt --fork=10
--format : It specifies the format of hashing
--wordlist : It specifies the wordlist used for cracking
--fork : It specifies the number of processes to run the application
d) Following command is used to view the cracked hashes of the password file.
sudo john --show --format=raw-md5 passwords.txt
Result:
After five minutes of cracking, 4 of the 6 hashes of the
password that were cracked using John the Ripper that
are-
lemon786 robot# evil666 dollar$
--------------------------------------------------------------------------------------------------------------------------------------
Steps to create file and generate hashes-
Get Answers For Free
Most questions answered within 1 hours.