In the first part of this series we found out a user’s password with Hydra with simply attacking his account via SSH. It is a so called “dictionary attack”, and because of the lack of security measurements we could get into the remote system.

In this exercise we continue our Ethical Hacking journey and we will find a way to get root privileges on the remote machine. This is called privilege escalation.

Important note: cracking passwords in the wild is illegal! Do NOT do it out of the lab, unless you are a penetration tester with a signed contract!

Continue reading “How to crack passwords with John the Ripper? Password hacking in real practice as an Ethical Hacker!” →