Author Topic: John taking forever (Read 1891 times)

DeXtreme · « **on:** May 07, 2013, 03:11:35 pm »

So today i tried ssh'ing into a server but they had changed their password.Luckily my backdoor still worked so i manged to get the new password hash

..However,cracking it is taking forever.I'm currently using John the Ripper but i was wondering if there are any other faster alternatives?

proxx · « **Reply #1 on:** May 07, 2013, 03:38:16 pm »

Iirc you could use hashcat to do this.
This is the GPU cracking era

wake up.

Nexus · « **Reply #2 on:** May 07, 2013, 03:50:46 pm »

Post deleted, misunderstood the question, apologies.

proxx · « **Reply #3 on:** May 07, 2013, 04:00:50 pm »

Quote from: Nexus on May 07, 2013, 03:50:46 pm

I don't think Hashcat supports the SSH key format. Another option is http://leidecker.info/projects/phrasendrescher.shtml although I don't know how its speed compares to JtR.

I think you misunderstood.
He obtained the hash from the shadow file which has nothing to do with SSH in this scenario.
If no keys such as rsa are used the login is done with the users account.

DeXtreme · « **Reply #4 on:** May 07, 2013, 05:18:57 pm »

Quote from: proxx on May 07, 2013, 03:38:16 pm

Iirc you could use hashcat to do this.
This is the GPU cracking era wake up.

GPU cracking?.Thats new to me.Gonna go research.

Thanks a lot..Do you suggest any particular articles?

Okay i found this website that kinda explains GPU cracking and it's amazing speed.
http://mytechencounters.wordpress.com/2011/04/03/gpu-password-cracking-crack-a-windows-password-using-a-graphic-card/
This Ivan Golubev is awesome

Thanks again proxx..

Does it work for linux passwords too?

techb · « **Reply #5 on:** May 07, 2013, 06:23:11 pm »

Sorry for it being vimeo, but this was at a con we have in town.

Link.

vezzy · « **Reply #6 on:** May 07, 2013, 09:33:23 pm »

Quote from: DeXtreme on May 07, 2013, 05:18:57 pm

Does it work for linux passwords too?

Of course it does. Basic hardware is OS-agnostic.

The gist of this is that a GPU on average is able to execute a much larger amount of 32-bit instructions per clock (frequency rate in Hz), up to 800 times or more.

DeXtreme · « **Reply #7 on:** May 08, 2013, 02:58:03 am »

GPU cracking looks very efficient.However,my gpu is a low class intel so i guess that's out for now.But i'd like to try it out soon though

Ragehottie · « **Reply #8 on:** May 08, 2013, 03:06:52 am »

Woa. My dealer's name is John. And he always takes forever to text me back. And I was just texting him. And this is what I as thinking. Woah. Creepy.

proxx · « **Reply #9 on:** May 08, 2013, 10:15:08 am »

I could say alot but wikipedia always outsmarts me

Quote

$id$salt$hashed", where "$id" is the algorithm used (On GNU/Linux, "$1$" stands for MD5, "$2a$" is Blowfish, "$5$" is SHA-256 and "$6$" is SHA-512, crypt(3) manpage, other Unix may have different

DO I need to say more ?
hashcat is your girl.

DeXtreme · « **Reply #10 on:** May 09, 2013, 01:33:14 pm »

proxx +1

Evilone · « **Reply #11 on:** May 09, 2013, 07:24:45 pm »

JtR also supports GPU cracking. If you share the hash with me I can try to crack it on my rig.

DeXtreme · « **Reply #12 on:** May 10, 2013, 03:41:48 am »

okay..i'll inbox it to you.

EvilZone

News:

Author Topic: John taking forever (Read 1891 times)

DeXtreme

John taking forever

proxx

Re: John taking forever

Nexus

Re: John taking forever

proxx

Re: John taking forever

DeXtreme

Re: John taking forever

techb

Re: John taking forever

vezzy

Re: John taking forever

DeXtreme

Re: John taking forever

Ragehottie

Re: John taking forever

proxx

Re: John taking forever

DeXtreme

Re: John taking forever

Evilone

Re: John taking forever

DeXtreme

Re: John taking forever