This is the method an attacker follows to obtain credentials from a compromised host.
When the target is a Windows machine, the attacker first dumps the password hashes stored in the SAM database into a text file and then cracks that file. The SAM hive is locked while Windows is running, so the hashes are usually read from a registry backup, a copied hive, or with a dumping tool rather than by opening the SAM file directly.
The provided sampass.txt file, containing the Windows credential hashes, was cracked, and the process took around 3-5 minutes. The screenshots below show the cracked entries from that file:
When the target is a Linux machine, the /etc/passwd and /etc/shadow files are copied off the machine into a text file that is then cracked. Recent versions of John the Ripper can read the shadow file directly, but older versions require the passwd and shadow files to be merged first (the unshadow utility that ships with John does this). Merging is still worthwhile even with a recent version, because the user and GECOS fields from passwd feed John's single-crack mode.
The attempt to crack the provided shadow.txt file was not fully successful: John the Ripper recovered 5 of the 7 passwords, as shown in the screenshot below, and could not crack the remaining 2.
John the Ripper works by running each candidate password through the same hash function (with the stored salt, where the format uses one) and checking whether the result matches the target hash. In this case John exhausted its wordlist without matching the last two hashes and fell back to incremental (brute-force) mode, which does not finish in any practical time, so the run appears to hang indefinitely. This can mean any of the following:
· The tool needs more time to work through the remaining keyspace.
· The attacker or pen-tester needs a larger or better-targeted dictionary or wordlist, or word-mangling rules applied to it.
· The remaining passwords are strong enough that cracking them is infeasible.
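To make the mechanism concrete, here is an added example (written for this page, not code from the original write-up or from John the Ripper) that does in miniature what the two procedures above describe: it merges constructed passwd and shadow lines the way unshadow does, and it runs a wordlist against a constructed pwdump-style SAM export by computing the NT hash (MD4 over the UTF-16LE password) of every candidate and comparing it with each stored hash. MD4 is implemented in pure Python because hashlib's MD4 is often unavailable on systems whose OpenSSL build disables legacy algorithms. The function names, the user names, the wordlist, the strong password for "bob" and the $6$ placeholder hash are all assumptions made for the example.

```python
import struct
from typing import Dict, Iterable, List, Tuple

MASK32 = 0xFFFFFFFF


def _rotl(x: int, s: int) -> int:
    return ((x << s) | (x >> (32 - s))) & MASK32


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320). Included only so the example runs without OpenSSL's legacy provider."""
    F = lambda x, y, z: (x & y) | (~x & z)
    G = lambda x, y, z: (x & y) | (x & z) | (y & z)
    H = lambda x, y, z: x ^ y ^ z
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)
    msg += struct.pack("<Q", (len(data) * 8) & 0xFFFFFFFFFFFFFFFF)
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    rounds = (
        (F, 0x00000000, tuple(range(16)), (3, 7, 11, 19)),
        (G, 0x5A827999, (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13)),
        (H, 0x6ED9EBA1, (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15)),
    )
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        v = state[:]
        for func, const, order, shifts in rounds:
            for i in range(16):
                t = (-i) % 4  # step i updates a, d, c, b in turn
                x, y, z = v[(t + 1) % 4], v[(t + 2) % 4], v[(t + 3) % 4]
                v[t] = _rotl((v[t] + func(x, y, z) + X[order[i]] + const) & MASK32, shifts[i % 4])
        state = [(s + w) & MASK32 for s, w in zip(state, v)]
    return struct.pack("<4I", *state)


def nt_hash(password: str) -> str:
    """NT hash as stored in the SAM: MD4 over the UTF-16LE encoding of the password, unsalted."""
    return md4(password.encode("utf-16-le")).hex()


def unshadow(passwd_lines: Iterable[str], shadow_lines: Iterable[str]) -> List[str]:
    """Merge passwd and shadow like John's unshadow: the 'x' in passwd's password
    field is replaced by the hash from the matching shadow entry."""
    hashes = {}
    for line in shadow_lines:
        fields = line.split(":")
        hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_lines:
        fields = line.split(":")
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged


def crack_nt_hashes(pwdump_lines: Iterable[str], wordlist: Iterable[str]) -> Tuple[Dict[str, str], List[str]]:
    """Wordlist attack in the style of John's wordlist mode: hash each candidate once and
    compare it against every target (NT hashes are unsalted, so one hash serves all users).
    Returns (cracked {user: password}, users left uncracked when the wordlist is exhausted)."""
    targets = {}
    for line in pwdump_lines:
        user, _rid, _lm_hash, nt = line.split(":")[:4]
        targets[user] = nt.lower()
    cracked: Dict[str, str] = {}
    for candidate in wordlist:
        h = nt_hash(candidate)
        for user, target in targets.items():
            if user not in cracked and h == target:
                cracked[user] = candidate
        if len(cracked) == len(targets):
            break  # everything recovered; no need to exhaust the wordlist
    uncracked = [u for u in targets if u not in cracked]
    return cracked, uncracked


# Constructed sample data (not from the page). The SAM export is in pwdump format:
# user:RID:LM hash:NT hash:::  -- the LM field is the well-known "no LM hash" value.
SAM_DUMP = [
    "alice:1001:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::",  # "password"
    "bob:1002:aad3b435b51404eeaad3b435b51404ee:" + nt_hash("Qx7!vRa#2mLp9@Ze") + ":::",  # not in the wordlist
]
WORDLIST = ["123456", "password", "letmein", "Welcome1"]

# Constructed passwd/shadow lines; the $6$ hash is a placeholder, not a real sha512crypt value.
PASSWD = ["alice:x:1000:1000:Alice:/home/alice:/bin/bash"]
SHADOW = ["alice:$6$rounds=5000$saltsalt$examplehash:19000:0:99999:7:::"]

if __name__ == "__main__":
    for line in unshadow(PASSWD, SHADOW):
        print("unshadowed:", line)
    found, left = crack_nt_hashes(SAM_DUMP, WORDLIST)
    print("cracked:", found)
    print("wordlist exhausted, still uncracked:", left)
```

When the wordlist runs out, the example simply reports which users remain uncracked; John instead moves on to incremental mode at that point, which is why a real run keeps going rather than stopping. Adding rules or a larger wordlist to this loop corresponds to the second of the options listed above.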