Thursday, February 9, 2017

John "the Ripper"


  Steps for Password Cracking Demonstration using John the Ripper:

1.       Launch Windows XP and create a few accounts with passwords if you have not done so.
2.       Shut down Windows XP after completing the above step.
3.       In order to extract the hash file from Windows XP in Kali, both OSes have to be running on the same machine. For the Bootable USB Drive this step can be ignored; however, for the VirtualBox demonstration one must add the XP machine’s virtual hard disk to the Kali Linux Virtual Machine. This can be done by going to the Virtual Machine’s settings and, under Storage, selecting Controller: SATA, clicking add virtual hard disk, and then selecting the XP Virtual Machine’s hard disk wherever it is located.

4.       Start up the Kali Linux Virtual Machine and open the terminal.
5.       Type fdisk -l to show the partition table, that is, all hard disk partitions on the Virtual Machine.

6.       Then type mount -t ntfs /dev/sdb1 /mnt. This allows one to gain access to the file system stored on this hard disk.
7.       Next type df -k to show used or available space in the volumes of this hard disk.

8.       After doing that, change directories by typing cd /mnt to go to the /mnt directory. From here, type in ls to show the contents of this directory. Then change directories to WINDOWS/system32/config using the same command, as this is the location of the SAM file. Now type ls to show the contents of this directory as well. As you can see, the SAM file is located in this directory.
9.       Now type bkhive system /root/hive.txt followed by samdump2 SAM /root/hive.txt > /root/hash.txt

10.    Next, go back to the root directory by typing cd /root
11.    Now type the following commands in this order:
a.       ls -l *.txt
b.       file *.txt
c.       cat hash.txt
This should show what is stored in the hash.txt file.

Figure 1: Obtaining the hash file.
12.     Copy and paste this over into leafpad and save it as password.txt under root/Home.

13.     Now either open up Johnny, the GUI version of John the Ripper, and open up the file, or type john in the terminal followed by the name of the text file, in this case password.txt, to crack the passwords.

     Figure 2: After the cracking process,
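
The hash.txt file produced in step 9 can also be read from the defender's side, before any cracking is attempted. The following is an added example, not part of the original post: it assumes the dump is in pwdump-style lines (user:rid:lm:nt:::), uses constructed sample data with made-up hash values, and reports accounts whose stored hashes already reveal a weakness. The function names parse and audit are hypothetical.

```python
"""Audit a pwdump-style hash file (assumed format: user:rid:lm:nt:::)."""
from collections import defaultdict

EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of an empty string
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of an empty string

# Constructed sample input; the non-empty hash values are made-up hex.
SAMPLE = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
alice:1003:0123456789abcdefaad3b435b51404ee:11111111111111111111111111111111:::
bob:1004:0123456789abcdeffedcba9876543210:22222222222222222222222222222222:::
carol:1005:0123456789abcdeffedcba9876543210:22222222222222222222222222222222:::
not a hash line
"""

def parse(text):
    """Yield (user, rid, lm, nt) for each well-formed line; skip the rest."""
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 4 or not fields[1].isdigit():
            continue
        user, rid, lm, nt = fields[0], int(fields[1]), fields[2].lower(), fields[3].lower()
        if len(lm) == 32 and len(nt) == 32:
            yield user, rid, lm, nt

def audit(text):
    """Return {user: [findings]} for storage weaknesses visible in the dump."""
    findings = defaultdict(list)
    by_nt = defaultdict(list)
    for user, rid, lm, nt in parse(text):
        if nt == EMPTY_NT:
            findings[user].append("blank password")
            continue
        by_nt[nt].append(user)
        if lm != EMPTY_LM:
            findings[user].append("LM hash stored")
            # LM hashes each 7-character half separately; an empty second
            # half means the password is at most 7 characters long.
            if lm[16:] == EMPTY_LM[16:]:
                findings[user].append("password is 7 characters or fewer")
    for users in by_nt.values():  # NT hashes are unsalted: same hash, same password
        if len(users) > 1:
            for user in users:
                others = ", ".join(u for u in users if u != user)
                findings[user].append("password shared with " + others)
    return dict(findings)

if __name__ == "__main__":
    for user, notes in audit(SAMPLE).items():
        print(f"{user}: {'; '.join(notes)}")
```

Accounts flagged "LM hash stored" are the ones to fix first: enabling the "Network security: Do not store LAN Manager hash value on next password change" policy and then changing the passwords removes the LM hash from the SAM.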

