1
00:00:00,270 --> 00:00:07,140
So there is brute-forcing applications, but sometimes you just have a password hash, so all we

2
00:00:07,140 --> 00:00:13,410
can do is actually try to crack the password, you know, with an application called John.

3
00:00:13,830 --> 00:00:18,550
So it's another application in Kali Linux that you can use for cracking the password hash, you know,

4
00:00:18,550 --> 00:00:19,440
if that's all that you have.

5
00:00:19,770 --> 00:00:26,100
So if you have a good list of password hashes or a good word list, you could typically crack the password

6
00:00:26,100 --> 00:00:27,580
hash, you know, using John.

7
00:00:27,870 --> 00:00:30,040
So let's actually go and try to do this.

8
00:00:30,450 --> 00:00:32,690
OK, so back in the Kali Linux machine.

9
00:00:32,700 --> 00:00:34,120
So what?

10
00:00:34,350 --> 00:00:36,780
Let's go ahead and try to use John.

11
00:00:37,020 --> 00:00:41,460
So the first thing that we have to do is actually unshadow the password.

12
00:00:41,760 --> 00:00:45,480
So let's say, for example, we had a root access to our Maspero machine.

13
00:00:45,810 --> 00:00:56,390
All we do is copy the contents of the /etc/shadow folder into a file and also /etc/passwd.

14
00:00:56,400 --> 00:01:02,370
It would fall into a folder and prayers with these files are they correlate to your passwords and your

15
00:01:02,370 --> 00:01:05,170
password hashes for like Linux accounts.

16
00:01:05,190 --> 00:01:09,420
And this is typically what you'll see when it comes to Linux systems.

17
00:01:09,820 --> 00:01:13,140
You can go ahead and look at those files just to get an idea of what it looks like.

18
00:01:13,150 --> 00:01:15,090
So you see a shadow.

19
00:01:15,300 --> 00:01:19,620
So this has a hash hashes in there and you can see the ones that have these super long was actually

20
00:01:19,620 --> 00:01:20,670
have passwords on them.

21
00:01:20,680 --> 00:01:23,430
So I created this user called victim.

22
00:01:23,460 --> 00:01:28,620
And we're going to try to do is actually try to crack the hash for their password.

23
00:01:30,170 --> 00:01:38,210
So what we can do is actually to show you locally we're going to imagine that we copy the contents of

24
00:01:38,210 --> 00:01:46,710
the of the folder of the those files over to our system and put them in the file so all we can do locally

25
00:01:46,710 --> 00:01:47,410
is right here.

26
00:01:47,440 --> 00:01:56,300
So /etc/passwd and then /etc/shadow and then we're going to output this.

27
00:01:57,080 --> 00:01:59,790
It's in my past that reads that text.

28
00:02:00,140 --> 00:02:05,900
So this is going to unshadow the password hashes and actually compile into this.

29
00:02:06,110 --> 00:02:08,730
My pastor reads that text file.

30
00:02:09,020 --> 00:02:14,210
So we go ahead and enter and now that's done and we get to do an ls and check to see that the file

31
00:02:14,210 --> 00:02:14,650
is there.

32
00:02:15,170 --> 00:02:16,520
So we see that it is.

33
00:02:16,790 --> 00:02:21,870
So now what you want to do is actually have a word list that you want to use with this world.

34
00:02:21,870 --> 00:02:25,730
This is going to be used for is actually to create hashes.

35
00:02:25,730 --> 00:02:30,890
Incorporating is the hashes that we just made from unshadow.

36
00:02:31,180 --> 00:02:32,860
The already made one is very quick.

37
00:02:32,870 --> 00:02:35,270
Just I just need a list.

38
00:02:35,510 --> 00:02:36,500
I mean I just need to list.

39
00:02:36,500 --> 00:02:38,240
So we used to have list, just look at it.

40
00:02:38,520 --> 00:02:39,380
Sort of a password.

41
00:02:39,380 --> 00:02:41,300
Password once, the password once.

42
00:02:41,960 --> 00:02:48,950
So it's going to go to these and actually try to convert it to a hash to the hash and it's going to

43
00:02:48,950 --> 00:02:57,500
attempt to compare it to the hashes that we supplied it into my past, the text file, and it's going

44
00:02:57,500 --> 00:02:59,630
to find a match for the password that way.

45
00:03:00,080 --> 00:03:04,970
So if we want to actually use John, we're just going to have john

46
00:03:04,970 --> 00:03:08,990
--wordlist=list.

47
00:03:09,680 --> 00:03:14,630
And then we're going to put the file that we had also on past the meds that to exceed.

48
00:03:15,050 --> 00:03:18,880
So this is the command that we're going to use and go ahead and enter and it's going to go through.

49
00:03:18,890 --> 00:03:19,670
It's going to run it.

50
00:03:19,950 --> 00:03:23,360
It's very quick because we don't have any password, many passwords for it to go through.

51
00:03:24,260 --> 00:03:33,830
But what we can do is to see, you know, what exactly, if anything, we can do john --show and then

52
00:03:33,830 --> 00:03:42,420
actually put my past DVDs that text file and see if it cracked any passwords from that file.

53
00:03:42,860 --> 00:03:50,840
So actually, right there, bam, we see that we crack the password for the victim, file for the user,

54
00:03:50,990 --> 00:03:54,150
and we see that their password is password one exclamation point.

55
00:03:54,350 --> 00:03:57,960
So we will be able with some log in to the system with that password.

56
00:03:58,190 --> 00:04:02,870
So John is very, very powerful and is a lot of different things that you could do, like setting different

57
00:04:02,870 --> 00:04:04,490
rules and such.

58
00:04:04,490 --> 00:04:06,590
And it's pretty complex.

59
00:04:06,590 --> 00:04:11,780
So you can go ahead and check out John and try to use that and play with this song and try to crack

60
00:04:11,780 --> 00:04:12,690
some password hashes.