John the Ripper/Scripting: Difference between revisions
From charlesreid1
Revision as of 20:43, 19 August 2015
How to go from a list of John the Ripper password files to a cracked password or two?
A Word on Simplicity
First, I was using Python. Not only was I using Python, I was using simple, operating-system-level Python. Why? Because in a real-world situation, your NumPy will break, your Pandas will break, you will not need to plot anything, your fancy analysis scripts will stay tucked away at home. Practical scripts require simplicity to be robust.
Can you run your tools immediately after you reinstall your operating system? Do you have packages that are absolutely essential archived somewhere? Somewhere close at hand?
The Procedure
Depending on what kind of passwords you're trying to crack with John the Ripper, your procedure will look different. For example, on a wireless network you'll need to obtain handshake files and convert them to the right format for each username and password combination, but with Unix password files, you have one big list in a single file.
WPA Procedure
The complication of scripting WPA cracking with John the Ripper lies mainly in extracting the necessary information that leads up to the cracking. Listening to networks, finding clients, attacking access points, capturing handshakes, and converting them are all done prior to using John.
The input John expects is a John password file with WPA encryption. The process of going from an Aircrack capture file to a John password file is covered on the John_the_Ripper/WPA page.
Once we have the John password file, there is nothing particularly unusual about it, except that WPA requires a minimum password length of 8 characters.