
Another day, another room, another day of feeling rubbish (cold/flu won’t shift!)
Anyways you don’t care about that, what we care about is the John the Ripper: The Basics room which we will be completing!
First off, we started by learning the basic syntax for John and also using a Python script called hashid to identify the hash types such as MD5/SHA-1/SHA-256/SHA-512 & others such as NTLM, which is “--format=nt”
Example usage: “john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hash1.txt”
We then looked into cracking Linux /etc/shadow passwords from an example of a pentester getting the root file from a test.
We use the unshadow tool to do this, I will post a screenshot below of this & the result of cracking the root password –
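To show what the unshadow step produces, here is an added example (not from the room or from John's own code) that performs the same kind of merge of passwd and shadow entries and names the crypt scheme from the hash prefix. The function names and all sample account data are constructed for illustration, and the hash value is a placeholder.

```python
# Added example: merges passwd and shadow entries the way the unshadow step does.
# All sample account data below is constructed for illustration.

# crypt(3) scheme ids that appear as the $id$ prefix of a shadow hash field
CRYPT_SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt", "y": "yescrypt"}


def parse_colon_file(text):
    """Map login name -> list of colon-separated fields."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        entries[fields[0]] = fields
    return entries


def unshadow(passwd_text, shadow_text):
    """Return passwd lines with the 'x' placeholder replaced by the shadow hash."""
    shadow = parse_colon_file(shadow_text)
    merged = []
    for login, fields in parse_colon_file(passwd_text).items():
        if login in shadow and len(shadow[login]) > 1 and len(fields) > 1:
            fields = [login, shadow[login][1]] + fields[2:]
        merged.append(":".join(fields))
    return merged


def crypt_scheme(hash_field):
    """Name the crypt scheme from its $id$ prefix; locked or empty fields give None."""
    if not hash_field.startswith("$"):
        return None  # '*', '!' or '!!' mean there is no usable password hash
    return CRYPT_SCHEMES.get(hash_field.split("$")[1], "unknown")


# Constructed sample input (the hash is a placeholder, not a real hash)
SAMPLE_PASSWD = "root:x:0:0:root:/root:/bin/bash\ndaemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"
SAMPLE_SHADOW = "root:$6$SALTSALT$PLACEHOLDERHASH:18576:0:99999:7:::\ndaemon:*:18576:0:99999:7:::\n"

if __name__ == "__main__":
    for line in unshadow(SAMPLE_PASSWD, SAMPLE_SHADOW):
        print(line, "->", crypt_scheme(line.split(":")[1]))
```

The merged line keeps the passwd fields (UID, GID, GECOS, home, shell) next to the hash, which is why the combined file is used as input rather than /etc/shadow on its own.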



We then moved on from wordlist style attacks to Single Crack mode and Word Mangling –



Custom rules were also explained, along with how to create custom rules to exploit password complexity predictability (e.g. Jamespassword1!), e.g. Az"[A-Z]"
Next we moved on to zip files using zip2john, which creates a hash that john can understand, and then running the command as normal against a wordlist such as /usr/share/wordlists/rockyou.txt.

We then unzip the secure.zip file and get a new directory and the flag.
We do the same thing with rar2john next.
And lastly we use ssh2john to first convert the id_rsa SSH key to a format john can read, then rinse and repeat!

Overall the room was quite good and a very good refresher/introduction to the john tool for cracking hashes in various ways!


Until next time & don’t sleepwalk through life!

Hede nyuie
