  1. #1
    flipjargendy (Linux Enthusiast)
    Join Date
    Aug 2004
    Location
    Xanadu, Titan, Saturn
    Posts
    612

    John The Ripper?!


    Can anyone tell me how John The Ripper (http://www.openwall.com/john/) works?

    I understand that you can use it on a file to let it try to decrypt it (I think), but could you let it just keep attempting to log in on a certain username on a website like http://Livejournal.com?

  2. #2
    Linux User
    Join Date
    Feb 2005
    Posts
    290
    First you would have to (legally or illegally) obtain a copy of the /etc/passwd (or /etc/shadow) file, then run John the Ripper to "brute force" attack the password by guessing for one from a till z, aa till zz, aaa till zzz according to the range you specified, or using a dictionary file.

  3. #3
    flipjargendy (Linux Enthusiast)
    Join Date
    Aug 2004
    Location
    Xanadu, Titan, Saturn
    Posts
    612
    Alright, that's what I thought. Thanks, I guess now I'll have to find out how to get the passwd file then, if possible.

  5. #4
    Linux Engineer
    Join Date
    Mar 2005
    Posts
    1,431
    Mail me at jaboua@gmail.com if you find out...

    EDIT: By the way, have you tried through FTP? You often can log in as "anonymous" on FTP servers...

  6. #5
    flipjargendy (Linux Enthusiast)
    Join Date
    Aug 2004
    Location
    Xanadu, Titan, Saturn
    Posts
    612
    Yeah tried FTP and Telnet, either worked.

  7. #6
    jeickal (Linux Newbie)
    Join Date
    Jan 2005
    Location
    Switzerland
    Posts
    114
    The passwords are not in /etc/passwd but in /etc/shadow. Old *nix systems used to have passwords in /etc/passwd, but since it's world readable, anyone could run a password cracker on it. This is why this user file has been split in two. The /etc/shadow is only readable by root.
    Now about how to see what's in /etc/shadow? Hum... I think this is a subject against this forum's rules... sorry.

    About the methods used by most password crackers: As far as I know, the algorithm to encode passwords is not decodable. When you log in, it encodes whatever you typed as a password and compares it to what's in /etc/shadow (the real password encoded). If it matches, the system lets you in. So do password crackers. This is why it takes ages to run them. If you suppose that the passwords are weak, using a dictionary-like password cracker will be way faster. They used to be pretty useful to sysadmins to check if the users are setting sufficiently secure passwords, but for a few years most distros won't let users set trivial passwords, so no more need for password crackers.

  8. #7
    Linux Newbie
    Join Date
    Sep 2003
    Location
    St.Charles, Missouri, USA
    Posts
    201
    What way are passwords encrypted? If it's MD5 then there is always the MD5-reversing website :P
    Powered by Gentoo
    never ever ever use the hardened option in make.conf!

  9. #8
    jeickal (Linux Newbie)
    Join Date
    Jan 2005
    Location
    Switzerland
    Posts
    114
    Quote Originally Posted by gwalters:
        What way are passwords encrypted? If it's MD5 then there is always the MD5-reversing website :P

    It uses DES. I got this info about the non-decodability from an old Unix book I read at the end of the 90s. Since you mentioned the reversibility of MD5 I looked up DES and it looks like encoding/decoding uses the same algorithm. Got this here ==> http://en.wikipedia.org/wiki/Data_Encryption_Standard

    The Feistel structure ensures that decryption and encryption are very similar processes; the only difference is that the subkeys are applied in the reverse order when decrypting. The rest of the algorithm is identical. This greatly simplifies implementation, particularly in hardware, as there is no need for separate encryption and decryption algorithms.

    Maybe that's what they meant in that book I read, that there is no "decoding algorithm".
    Check out the man page of the function "crypt" for more info.

  10. #9
    Giro (Linux Engineer)
    Join Date
    Jul 2003
    Location
    England
    Posts
    1,219
    John the Ripper works by taking a list of words and encrypting them line by line using the DES algorithm, which creates a hash of the word; then the resulting hash is compared to the password file's hash, and if they match you know the word is the password (good passwords make this attack useless; good for pr0n .passwd files though).
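
    A worked illustration of the two mechanisms described in #6 and #9, added here as an example for this thread. It is not John the Ripper's code and it does not use the DES-based crypt(3) the posts mention; for simplicity it models the same one-way flow with PBKDF2-SHA256 from Python's standard library (an assumption of the example). The user names, the stored records and the small wordlist are constructed. It shows the login check (rehash what was typed, compare, never decrypt), the sysadmin-style audit of stored hashes against a wordlist that jeickal says crackers were used for, and the set-time policy check that makes the audit find nothing.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Toy parameters for this example; real crypt(3)/DES and John the Ripper
# use entirely different schemes (assumption made here for simplicity).
_ITERATIONS = 50_000
_SALT_BYTES = 16


def make_record(password: str, salt: Optional[bytes] = None) -> str:
    """Return a shadow-style 'salthex$hashhex' record for one user.

    Only the salted one-way hash is stored; the password itself is not.
    """
    salt = os.urandom(_SALT_BYTES) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)
    return f"{salt.hex()}${digest.hex()}"


def verify(record: str, candidate: str) -> bool:
    """The login check from #6: hash the typed password with the stored salt
    and compare against the stored hash. Nothing is ever decoded."""
    salt_hex, stored_hex = record.split("$", 1)
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), bytes.fromhex(salt_hex), _ITERATIONS
    )
    # Constant-time comparison so a mismatch leaks nothing about how close it was.
    return hmac.compare_digest(digest.hex(), stored_hex)


def audit_weak_passwords(records: Dict[str, str], wordlist: List[str]) -> Dict[str, str]:
    """The comparison loop from #9, run as a sysadmin audit over stored records:
    hash each wordlist entry and see whether any stored hash matches.
    Returns {user: matched_word} for every account that fell to the wordlist."""
    found: Dict[str, str] = {}
    for user, record in records.items():
        for word in wordlist:
            if verify(record, word):
                found[user] = word
                break
    return found


def is_acceptable_password(candidate: str, wordlist: List[str], min_len: int = 12) -> bool:
    """Set-time policy check (the 'distros won't let users set trivial passwords'
    point from #6): reject short passwords and anything in the wordlist."""
    banned = {w.lower() for w in wordlist}
    return len(candidate) >= min_len and candidate.lower() not in banned


# Constructed sample data for the demonstration.
SAMPLE_WORDLIST = ["password", "letmein", "saturn", "xanadu", "qwerty"]


def build_sample_records() -> Dict[str, str]:
    """Constructed user database: one weak password, two that pass the policy."""
    return {
        "alice": make_record("letmein"),
        "bob": make_record("correct horse battery staple"),
        "carol": make_record("Xanadu-Titan-2004!"),
    }


if __name__ == "__main__":
    records = build_sample_records()
    print("login alice/letmein ->", verify(records["alice"], "letmein"))
    print("login alice/letmeout ->", verify(records["alice"], "letmeout"))
    print("audit hits:", audit_weak_passwords(records, SAMPLE_WORDLIST))
    for pw in ("letmein", "correct horse battery staple"):
        print(f"policy accepts {pw!r}:", is_acceptable_password(pw, SAMPLE_WORDLIST))
```

    The audit only ever "finds" alice, because bob's and carol's hashes never equal the hash of any wordlist entry; that is exactly why Giro says good passwords make the attack useless. The policy check is the cheaper place to enforce the same thing, before a weak hash is ever written.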

  11. #10
    Linux Engineer
    Join Date
    Mar 2005
    Posts
    1,431
    Since UNIX systems are so secure, is it possible to use the password cracker on Windows password files? And if so, where is the Windows password file located?
