John

De Linuxmemo.

(Différences entre les versions)
(Session)
(Les modes)
Ligne 17 : Ligne 17 :
If no mode is specified,  john  will  try  "single" first, then "wordlist" and finally "incremental".
If no mode is specified,  john  will  try  "single" first, then "wordlist" and finally "incremental".
*Wordlist
*Wordlist
-
John will simply use a file with a list of words that will be
+
John will simply use a file with a list of words that will be checked against the passwords. See RULES for  the  format  of wordlist files.
-
checked against the passwords. See RULES for  the  format  of
+
-
wordlist files.
+
-
*Single crack
+
-
In  this  mode, john will try to crack the password using the
+
-
login/GECOS information as passwords.
+
-
*Incremental
+
-
This is the most powerful mode. John will try  any  character
+
-
combination  to  resolve  the  password.  Details about these
+
-
modes can be found in the MODES file in john's documentation,
+
-
including how to define your own cracking methods.
+
-
 
+
-
--single                  "single crack" mode
+
  --wordlist=FILE --stdin    wordlist mode, read words from FILE or stdin
  --wordlist=FILE --stdin    wordlist mode, read words from FILE or stdin
  --rules                    enable word mangling rules for wordlist mode
  --rules                    enable word mangling rules for wordlist mode
 +
*Single crack
 +
In  this  mode, john will try to crack the password using the login/GECOS information as passwords.
 +
--single                  "single crack" mode
 +
*Incremental
 +
This is the most powerful mode. John will try  any  character combination  to  resolve  the  password.  Details about these modes can be found in the MODES file in john's documentation, including how to define your own cracking methods.
  --incremental[=MODE]      "incremental" mode [using section MODE]
  --incremental[=MODE]      "incremental" mode [using section MODE]
  --external=MODE            external mode or word filter
  --external=MODE            external mode or word filter
 +
==Autres options==
==Autres options==
  --stdout[=LENGTH]          just output candidate passwords [cut at LENGTH]
  --stdout[=LENGTH]          just output candidate passwords [cut at LENGTH]

Version du 26 décembre 2016 à 19:59

John the Ripper password cracker

http://www.openwall.com/john/

John est capable de casser différents formats de chiffrement de mots de passe, notamment les mots de passe:

crypt(Unix), MD5, Blowfish, Kerberos, AFS, et les LM hashes de Windows NT/2000/XP/2003.

Des modules additionnels sont disponibles pour lui permettre de casser les mots de passe basés sur les hash MD4 et les mots de passe enregistrés dans MySQL ou LDAP, ainsi que les mots de passe NTLM, pour les de rnières versions de Windows.


Usage: john [OPTIONS] [PASSWORD-FILES] 

All  the  options recognized by john start with a single dash (`-').

Sommaire

Les modes

If no mode is specified, john will try "single" first, then "wordlist" and finally "incremental".

  • Wordlist

John will simply use a file with a list of words that will be checked against the passwords. See RULES for the format of wordlist files. 

--wordlist=FILE --stdin    wordlist mode, read words from FILE or stdin
--rules                    enable word mangling rules for wordlist mode
  • Single crack

In this mode, john will try to crack the password using the login/GECOS information as passwords. 

--single                   "single crack" mode
  • Incremental

This is the most powerful mode. John will try any character combination to resolve the password. Details about these modes can be found in the MODES file in john's documentation, including how to define your own cracking methods. 

--incremental[=MODE]       "incremental" mode [using section MODE]
--external=MODE            external mode or word filter

Autres options

--stdout[=LENGTH]          just output candidate passwords [cut at LENGTH]
--session=NAME             give a new session the NAME
--status[=NAME]            print status of a session [called NAME]
--make-charset=FILE        make a charset, FILE will be overwritten
--test[=TIME]              run tests and benchmarks for TIME seconds each

--users=[-]LOGIN|UID[,..]  [do not] load this (these) user(s) only
--groups=[-]GID[,..]       load users [not] of this (these) group(s) only

--shells=[-]SHELL[,..]     load users with[out] this (these) shell(s) only

--salts=[-]COUNT           load salts with[out] at least COUNT passwords only

--save-memory=LEVEL        enable memory saving, at LEVEL 1..3

--format=NAME              Override the ciphertext format detection. Currently, valid format names are DES, BSDI, MD5, BF,  AFS,  LM.

Résultats

Once John finds a password, it will be printed to the terminal and saved into a file called ~/.john/john.pot. 

cat ~/.john/john.pot

John will read this file when it restarts so it doesn't try to crack already done passwords. To see the cracked passwords, use 

john -show passwd.txt

Session

  • Abort 
Press 'q' or Ctrl-C to abort saving point information to a file  (  ~/.john/john.rec by  default)
  • restore session: 
john -restore

Unix like

unshadow /etc/passwd /etc/shadow > mypasswd
Récupérée de « http://linuxmemo.free.fr/index.php?title=John »
Outils personnels