Re: Using John to crack a password

Alchemist <raimiiic@xxxxxxxxx> · Tue, 22 Nov 2016 02:51:03 +0200

If you want no downtime, use sucrack+john.
Take https://labs.portcullis.co.uk/download/sucrack-1.2.3.tar.gz and https://github.com/magnumripper/JohnTheRipper

Compile and run as folows

./john -min-len=8 -max-len=12 -mask="password?d" --stdout | SUCRACK_AUTH_FAILURE="su: Authentication failure" ./sucrack -u root -w 25

Where -mask is your partial password mask
min/max expected length range to try

Read https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/doc/MASK

2016-11-21 22:25 GMT+02:00 Robert Moskowitz <rgm@xxxxxxxxxxxxxxx>:
I have a running system that I have forgotten the root password.  I really do not want to take down the system, go through the steps to boot up in single user mode and change the password.

I just happen to have used the same password on a test system, so I was able to copy the /etc/passwd, edit it so that it only contains the root user and feed it into john on a notebook I have (F22).

Well john has been working for 20 hours (one cpu pegged at 100%).  I did not think the password was that complex!

Anyone have any experience with this?  Is there a better cracker than john?  I DO know a couple of the letters in the password (not the numbers or special characters or the letter case) and password length.  Is there some tool that I can feed in a partial password like 'a?bc??d?"?

thanks

_______________________________________________

users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx

To unsubscribe send an email to users-leave@lists.fedoraproject.org

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx