Hello all,
I'm learning the usage of JTR.
Read the docs a bit ( not whole ) and did some search on tutorial on it.
Found one by "weazy" also.
My processor is quite old one....its p3 600 MHz processor only. So i know it will take a long to crack the password.
I tried cracking some simple passwords...it did in short time.
now i've assigned the password "kill#23" to a user (slackware) and JTR is running for last 9-10 hrs trying cracking it.
1. Could something be done to make it faster (don't want to change my processor lol ). Means using some word list etc will help or just brute forcing is only option in this case (kill#23)
2. Making any changes in "rules" will help ???
3. Any guidelines using it in a better way.
regards
Learning the usage of John The Ripper....few questions
- the_gr8_rules
- forum buddy
- Posts: 14
- Joined: 05 Sep 2006, 16:00
- 18
- Contact:
cracking my lips are smackin'
/www.outpost9.com/files/WordLists.html
When you fingerprint a computer or the person using the computer, you try to guess on which wordlist to try on that person. If the person is albanian, I know I will try a albanian wordlist. If the kid has a screen name of a movie or rock star or hacker-wanna-be, you try that kind of wordlist.
passphrases are the best kinds of passwords, dictionary and most created wordlist cannot match them easily if at all. Imagine passphrases that are misspelled 'yermahbieotch' or include alpha-numeric imposition 'c0vertlish3r3n0w'
Bruteforcing could eventually crack a passphrase, thats why I am sure the Feds could eventually crack anyone's password.
Change your passwords often and avoid using the same password for other not-so-secure logins. If you use the same password for AIM as you did on a Blowfish encrypted file, I am not going to bother cracking the blowfish, I'll crack the AIM login first and try that password.
DNR
When you fingerprint a computer or the person using the computer, you try to guess on which wordlist to try on that person. If the person is albanian, I know I will try a albanian wordlist. If the kid has a screen name of a movie or rock star or hacker-wanna-be, you try that kind of wordlist.
passphrases are the best kinds of passwords, dictionary and most created wordlist cannot match them easily if at all. Imagine passphrases that are misspelled 'yermahbieotch' or include alpha-numeric imposition 'c0vertlish3r3n0w'
Bruteforcing could eventually crack a passphrase, thats why I am sure the Feds could eventually crack anyone's password.
Change your passwords often and avoid using the same password for other not-so-secure logins. If you use the same password for AIM as you did on a Blowfish encrypted file, I am not going to bother cracking the blowfish, I'll crack the AIM login first and try that password.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
- the_gr8_rules
- forum buddy
- Posts: 14
- Joined: 05 Sep 2006, 16:00
- 18
- Contact:
Re: cracking my lips are smackin'
Thanks you all for the suggestions .
To best of my knowledge its not possbile to run cracker on them as we won't have the hashes etc.
curious to know if its possible.
regards
I didn't get this "Feds".DNR wrote: Bruteforcing could eventually crack a passphrase, thats why I am sure the Feds could eventually crack anyone's password.
How is it possible to crack AIM or yahoo passwords.I'll crack the AIM login first and try that password.
DNR
To best of my knowledge its not possbile to run cracker on them as we won't have the hashes etc.
curious to know if its possible.
regards
- the_gr8_rules
- forum buddy
- Posts: 14
- Joined: 05 Sep 2006, 16:00
- 18
- Contact:
feds?
feds, 1088's, badges, and even lawyers. Fed is a reference to government agencies that are tasked with computer crimes investigations, even NCSC.MIL , the national computer security center.
For thought. If you have a machine or network that can try 100,000 passwords _per second_ it will likely crack your password in an hour if not a few hours.
Changing your password often is one way to defeat this, sort of like a RSA mobile key that issues a new login password each time you have to login.
The key to this problem is a cracker gaining access to that hash or registry value to crack it.
The idea is to protect your personal computer from physical/remote access from spyware and ex-friends. If they can't get the hash or reg value, they can't crack it.
DNR
For thought. If you have a machine or network that can try 100,000 passwords _per second_ it will likely crack your password in an hour if not a few hours.
Changing your password often is one way to defeat this, sort of like a RSA mobile key that issues a new login password each time you have to login.
The key to this problem is a cracker gaining access to that hash or registry value to crack it.
The idea is to protect your personal computer from physical/remote access from spyware and ex-friends. If they can't get the hash or reg value, they can't crack it.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
rainbow crack?
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Also , if u try JTR on "other" pass words that they will likey be atleast 6-8 chacters long, since most system admin's make tham mandatory
on good site for JTR Guide's I found was:
windowz =
http://www.governmentsecurity.org/artic ... inners.php
http://www.governmentsecurity.org/artic ... torial.php
Linux = (get back to ya soon) sorry
on good site for JTR Guide's I found was:
windowz =
http://www.governmentsecurity.org/artic ... inners.php
http://www.governmentsecurity.org/artic ... torial.php
Linux = (get back to ya soon) sorry
“Yes, I am a criminal. My crime is that of curiosity.”