利用John the Ripper工具破解Linux用户密码
利用John the Ripper工具破解Linux用户密码
- 在/etc/passwd文件中选取想要破解的用户名的所在行,拷贝创建以该行为内容的文件,同时在/etc/shadow文件中选取相应用户名的所在行,并拷贝创建以该行为内容的文件
┌──(kali㉿kali)-[~/Desktop/Vulnhub/Hacksudo_Search]
└─$ cat passwd_file
hacksudo:x:1000:1000:hacksudo,,,:/home/hacksudo:/bin/bash
┌──(kali㉿kali)-[~/Desktop/Vulnhub/Hacksudo_Search]
└─$ cat shadow_file
hacksudo:$6$nh9tUD84T7Bfrm8u$KYH9z3KrUQKcM8XgYrMOv4mSUDEnQ0n8P1b/Kup5KmM0hTtgVtntnpcRUQImLCw50ADm.sJkzZ6Ph3XlA/aiR.:1000:1000:hacksudo,,,:/home/hacksudo:/bin/bash
-
利用unshadow命令对上述两个文件进行合成:
┌──(kali㉿kali)-[~/Desktop/Vulnhub/Hacksudo_Search] └─$ unshadow passwd_file shadow_file > enc.txt ┌──(kali㉿kali)-[~/Desktop/Vulnhub/Hacksudo_Search] └─$ cat enc.txt hacksudo:$6$nh9tUD84T7Bfrm8u$KYH9z3KrUQKcM8XgYrMOv4mSUDEnQ0n8P1b/Kup5KmM0hTtgVtntnpcRUQImLCw50ADm.sJkzZ6Ph3XlA/aiR.:1000:1000:hacksudo,,,:/home/hacksudo:/bin/bash -
使用rockyou.txt字典对密码进行破解:
┌──(kali㉿kali)-[~/Desktop/Vulnhub/Hacksudo_Search] └─$ john --wordlist=/usr/share/wordlists/rockyou.txt enc.txt Using default input encoding: UTF-8 Loaded 1 password hash (sha512crypt, crypt(3) $6$ [SHA512 256/256 AVX2 4x]) Cost 1 (iteration count) is 5000 for all loaded hashes Will run 2 OpenMP threads Press 'q' or Ctrl-C to abort, almost any other key for status redhat (hacksudo) 1g 0:00:00:18 DONE (2023-01-04 23:19) 0.05370g/s 2653p/s 2653c/s 2653C/s truckin..morgan6 Use the "--show" option to display all of the cracked passwords reliably Session completed.
STRIVE FOR PROGRESS,NOT FOR PERFECTION
分类:
随记
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY