John The Ripper?
Aaron Peterson
aaron at alpete.com
Thu Mar 18 10:53:35 PST 2004
> Does anyone know the best way to execute john the ripper against freebsd
> password files? I'm testing the strength of my own passwords and have
> never
> used this software for. The way it looks to me, I need to obtain a
> dictionary file, or pound on the keyboard to have john start guessing
> passwords.
you will need a merged (old style) password file to give john, and i
believe there are some easy programs you can run as root to accomplish
this (although i don't know their names off hand). What i mean is
generally these days most unix like systems have a password file without
actual password hashes in them that are world readable, and a separate
file/db containing the password hashes for each account that is only
readable by root. they must be merged into one file for john to crack.
then i think it's a simple as typing 'john passwordfile' if you want brute
force rather than dictionary.
Aaron
More information about the freebsd-questions
mailing list