Tag: john

How to Penetration Test Linux Passwords with John the Ripper – Ethical Hacking / Penetration Testing

~ Tom's IT Cafe ~ 1 Comment

If you are a penetration tester, you might need to crack passwords on Linux systems as part of your engagements. One of the tools you can use for this purpose is John the Ripper (JtR), an open source password cracker that supports many encryption and hashing algorithms.

This blog post is intended to provide an educational introduction about a penetration testing tool. The tool is designed to help security professionals and ethical hackers identify and exploit vulnerabilities in applications. The author does not condone or encourage any illegal or malicious use of the tool. The readers are solely responsible for their own actions and the consequences of using the tool.

Continue reading “How to Penetration Test Linux Passwords with John the Ripper – Ethical Hacking / Penetration Testing”

How to crack passwords with John the Ripper? Password hacking in real practice as an Ethical Hacker!

~ Tom's IT Cafe ~ 2 Comments

In the first part of this series we found out a user’s password with Hydra with simply attacking his account via SSH. It is a so called “dictionary attack”, and because of the lack of security measurements we could get into the remote system.

In this exercise we continue our Ethical Hacking journey and we will find a way to get root privileges on the remote machine. This is called privilege escalation.

Important note: cracking passwords in the wild is illegal! Do NOT do it out of the lab, unless you are a penetration tester with a signed contract!

Continue reading “How to crack passwords with John the Ripper? Password hacking in real practice as an Ethical Hacker!”