【笔记】John学习笔记
source link: https://feiju12138.github.io/2022/05/22/John%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
【笔记】John学习笔记
2022-05-22
2
John the Ripper is a fast password cracker, currently available for many flavors of Unix, macOS, Windows, DOS, BeOS, and OpenVMS (the latter requires a contributed patch). Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos/AFS and Windows LM hashes, as well as DES-based tripcodes, plus hundreds of additional hashes and ciphers in “-jumbo” versions.(Github)
通过John爆破密码Hash
shadow:类Unix的密码Hash/etc/shadow文件win2k8.hash:通过QuarksPwDump获取的Windows密码Hash--format=NT:如果是爆破Windows的密码Hash,需要指定这个参数,如果不指定这个参数,默认爆破类Unix的密码Hash--wordlist=<src>:指定密码字典,如果不指定这个参数,则使用内置的密码字典
<src>:字段文件路径
john shadow
john win2k8.hash --format=NT
查看已经爆破的密码
- 已爆破的密码会存放在
~/.john/目录下的john.pot文件中,所以再次执行爆破语句不会重新开始爆破- 如果需要查看已经爆破的密码,可以使用
--show参数 - 如果需要重新爆破,需要删除
~/.john/john.pot文件
- 如果需要查看已经爆破的密码,可以使用
john shadow --show
john win2k8.hash --format=NT --show
[哔哩哔哩——千锋教育网络安全学院](https://www.bilibili.com/video/BV1Lf4y1t7Mc
</div
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK