Nov 22, 2013

Mission:
Recover the password of user hertz

Given:
passwd file and corresponding shadow file

Background info:
The user's password is stored in the shadow file as a hash value. Hash values are generated by hash functions, which are one-way functions, so it is not possible to recover the password from the hash value by reverse engineering.

Mode of Attack:
Brute Force, using the tool John the Ripper
After installing the rpm package from the above link, run the commands below in the terminal to:
  • Combine the user information in passwdfile and shadowfile and write it to testfile
  • Launch a dictionary-based brute force attack on testfile
  • Recover the passwords using --show
And you will get your initial key as "iloveu1"

unshadow passwdfile shadowfile > testfile
john testfile
john --show testfile
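
What the unshadow step writes to testfile, plus the hash scheme each account uses (the scheme decides how expensive guessing is), shown as an added example that is not part of the original post. The merge is a simplified stand-in for unshadow, and every passwd/shadow line and hash string in it is a constructed placeholder, not data from the challenge files.

```python
# Added example; all passwd/shadow lines and hash strings below are constructed.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
hertz:x:1000:1000:Hertz:/home/hertz:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
"""
SAMPLE_SHADOW = """\
root:$6$c0nstructed$PLACEHOLDERHASH:16000:0:99999:7:::
hertz:$1$c0nstruc$PLACEHOLDERHASH:16000:0:99999:7:::
daemon:*:16000:0:99999:7:::
"""

# crypt(3) scheme prefixes that can appear in the shadow hash field
SCHEMES = {"$1$": "md5crypt", "$2a$": "bcrypt", "$2b$": "bcrypt", "$2y$": "bcrypt",
           "$5$": "sha256crypt", "$6$": "sha512crypt", "$y$": "yescrypt"}

def classify(field):
    """Name the scheme (or account state) encoded in a shadow hash field."""
    if field == "":
        return "empty (no password)"
    if field[0] in "!*":          # "!" or "*" marks a locked/disabled account
        return "locked/disabled"
    for prefix, name in SCHEMES.items():
        if field.startswith(prefix):
            return name
    return "descrypt or unknown"

def merge(passwd_text, shadow_text):
    """Replace the 'x' placeholder in each passwd line with the shadow hash."""
    shadow = dict(l.split(":")[:2] for l in shadow_text.splitlines() if ":" in l)
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:      # skip malformed or blank lines
            continue
        if fields[1] == "x" and fields[0] in shadow:
            fields[1] = shadow[fields[0]]
        merged.append(":".join(fields))
    return merged

def audit(passwd_text, shadow_text):
    """Map each user to the hash scheme found in the merged file."""
    return {l.split(":")[0]: classify(l.split(":")[1])
            for l in merge(passwd_text, shadow_text)}

if __name__ == "__main__":
    print("\n".join(merge(SAMPLE_PASSWD, SAMPLE_SHADOW)))
    print(audit(SAMPLE_PASSWD, SAMPLE_SHADOW))
```

Accounts reported as md5crypt or descrypt are the ones to rehash first with a stronger scheme, since a short dictionary word such as the one recovered here falls quickly under those schemes.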
