Shulou(Shulou.com)06/01 Report--

In the * test, we are mainly talking about the linux system. We often encounter arbitrary file downloading or reading, as well as command execution, but sometimes the command execution is not interactive, so it will be very difficult for us to add an account and password, so at this time we can read the shadow file, save the content locally, and then use john to crack it, so we can use the account in the system for remote connection control!

Download address: http://www.openwall.com/john/

Basic syntax is used:

John shadowroot@kali:~# john / etc/shadowWarning: detected hash type "sha512crypt", but the string is also recognized as "crypt" Use the "--format=crypt" option to force loading these as that type insteadUsing default input encoding: UTF-8Loaded 3 password hashes with 3 different salts (sha512crypt, crypt (3) $6 $[SHA512 128 AVX 2x]) Remaining 2 password hashes with 2 different saltsPress'q' or Ctrl-C to abort Almost any other key for status1q2w3e4r (eth20) root@kali:~# cat / root/.john/john.pot$6 $8uR2a64J$y2Oc5C6QsTRtJ1tpfpJKDIAfXzSM8rJ0IizfM32Mn.ac.UBUGgtq1HT2kgvnx4LFGukbj/poLJzg32VjpTbJS.:root$6$ wovV.UXy$0EJJ0YuL0g52aHtLBgJFJ0/LhxR5maRQ7.Nw5ekAyQEjvISVP6msRShAVaWE3twlLy4oU8WQ95HchjJHez/EB1:123456 $6 $xUWbL8ha$W6Clcf.vJjZZPt//xnvCmvhbmW.iEmu.XLGyKtoUdrAgTA91/pasBu5.TQ.cM1r97Qxg8NxrUun5CNasZOAAb1:123 $6 $ITd1qoda$0bNvtCP8ntHxtfC82kYm.67ScLhXCKUgNpRWHX1oybjPrUJAr.wKFPD17zMJVs036xUfIuEjNpRKHmBPOE4T40:1q2w3e$6$ aFZHXjfb$oJikWBNpKcPiN90Jwg/xTAmSZCREFNDgYraNow90A2IxboBfgGQl/tMSTinrpwCT9uSDohF/Nml3Dhpz1yTZj.:asdfgh$6 $hIpfeY1N$5GjR9IiK3aY4rCvlFNX91PWFC6dDyU6z7oDJme0maHUuvvIO/qVCuy2Sx.z4VChtIspGnnq3PlxT/8ELoSDKM.:1q2w3e4F:\ eth20-CTF-Toolkits\ CTF Toolkit\ brute Force cracking\ john179\ run > john.exe F:\ ctf\ shadow 1 [main] john 9540 find_fast_cwd: WARNING: Couldn't compute FAST_CWD pointer. Please report this problem tothe public mailing list cygwin@cygwin.comcygwin warning: MS-DOS style path detected: F:\ ctf\ shadow Preferred POSIX equivalent is: / cygdrive/f/ctf/shadow CYGWIN environment variable option "nodosfilewarning" turns off this warning. Consult the user's guide for more details about POSIX paths: http://cygwin.com/cygwin-ug-net/using.html#using-pathnamesLoaded 8 password hashes with 8 different salts (FreeBSD MD5 [32 + 32]) 2_FTP (2_FTP) 1_FTP (1_FTP)

Under windows, you can view john.pot in the tool's run directory.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.