Lab: John the Ripper
Step 4: Follow Up
- Instructions:
- In this section please create a word document containing the answers to the following portions.
- Include the item number and sub-number with your answers.
- Include full answers/descriptions. Do not be a minimalist.
- When ask, or when it supports your answer, include a screen shot. Make sure you explain how your screen shot demonstrates/supports your answer.
- Make sure you include the name of your lab partner and anyone else you worked with to find these answers.
- Answer:
- In the setup we only downloaded one list of words. This was to save time
- How would multiple word lists increase the time it takes John to find a password?
- How would multiple word lists change the results produced by John? Justify your answer.
- Based on your understanding of John, provide three strong passwords, where strong means a password that John would have trouble breaking. Explain why you believe that your passwords are strong.
- In the setup we only downloaded one list of words. This was to save time
- Investigate
- John's default word list is installed in /usr/share/john and is called password.lst.
- Look at this file (
leafpad /usr/share/john/password.lst)- Look through this list for any passwords you might have used in the past?
- Look through this list for specialized words from pop culture items (ncc1701 for Star Trek fans)
- The note at the top it says this list holds passwords from the mid 1990's
- Describe what you found
- What words might you add to this list and why?
- Look at this file (
- Add the following line to a password file
-
duane:$6$eekriUNBO4EQ0Ei5$G8XCtUZVZ3DeMeXh2D8EXYtNVra.ASI.1mgLcpOL6S6QDMRoPfOMHgq7gnat01dgbDCYuHAJ8RDFtsIvTveCg/:1:1:Duane Chapman, Dog,1-800-BountyHunter,:
- Try to crack this password with john.
- Does the result surprise you?
- Try different versions of Bounty Hunter stored in the GECOS field of the password file.
- Remember, you will need to remove ~/.john/john.pot each time you successfully crack the password.
- If you stump john, press the spacebar frequently to see what john is using as guessed passwords.
- What can you say about how john useses information in the password file?
-
- John's default word list is installed in /usr/share/john and is called password.lst.