Date: Thu, 18 Mar 2004 13:56:36 -0500 (EST) From: "Aaron Peterson" <aaron@alpete.com> To: ecrist@adtechintegrated.com Cc: freebsd-questions@freebsd.org Subject: Re: John The Ripper? Message-ID: <63529.162.114.211.143.1079636196.squirrel@mail.alpete.com> In-Reply-To: <200403181138.12378.ecrist@adtechintegrated.com> References: <200403181138.12378.ecrist@adtechintegrated.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Does anyone know the best way to execute john the ripper against freebsd > password files? I'm testing the strength of my own passwords and have > never > used this software for. The way it looks to me, I need to obtain a > dictionary file, or pound on the keyboard to have john start guessing > passwords. you will need a merged (old style) password file to give john, and i believe there are some easy programs you can run as root to accomplish this (although i don't know their names off hand). What i mean is generally these days most unix like systems have a password file without actual password hashes in them that are world readable, and a separate file/db containing the password hashes for each account that is only readable by root. they must be merged into one file for john to crack. then i think it's a simple as typing 'john passwordfile' if you want brute force rather than dictionary. Aaron
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?63529.162.114.211.143.1079636196.squirrel>