Saturday, March 2, 2019

Understanding password cracking - the basics from a Linux perspective - The Demo

In the previous post, we looked at understanding the basics of password cracking. While in that post we developed some code, this post is just a quick look to see what the output looks like once executed. Note, to make sense of this post, you are better off starting in this previous post if you did not look at it before.

We execute the program by giving it one argument which is the password list (dictionary). This can be any list but I'm using the one I put together in the previous post.

root@securitynik:~# ./passwordCraker.py SecurityNik.lst

Once executed, here is what we have

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
root@securitynik:~# ./passwordCraker.py SecurityNik.lst
passwordCrakcer.py
Author: Nik Alleyne
Author Blog: www.securitynik.com
[*] we will be looking for a match for password '$6$uPdhX/Zf$Kp.rcb4AWwtx0EJq235tzthWXdIEoJnhZjOHbil3od1AyMf3t8Yi6dAPlhbHVG9SLx5VSIPrXTZB8ywpoOJgi.'
[*] Starting password cracking ...
[*] Loading password file 'SecurityNik.lst' into memory ...
[-] Trying password:Passw0rd
[-] Trying password:GuessMe
[-] Trying password:admin
[-] Trying password:root
[-] Trying password:1234567890
[-] Trying password:Password1
[-] Trying password:ftp
[-] Trying password:root
[-] Trying password:SecurityNik
[+] MATCH FOUND! Password is:toor
[+] Password $6$uPdhX/Zf$Kp.rcb4AWwtx0EJq235tzthWXdIEoJnhZjOHbil3od1AyMf3t8Yi6dAPlhbHVG9SLx5VSIPrXTZB8ywpoOJgi.
 MATCHES
 Password $6$uPdhX/Zf$Kp.rcb4AWwtx0EJq235tzthWXdIEoJnhZjOHbil3od1AyMf3t8Yi6dAPlhbHVG9SLx5VSIPrXTZB8ywpoOJgi.

From above, we see we tried a number of different passwords but ultimately found one that matched.

Remember, see the previous post to add more context to this one.

No comments:

Post a Comment