Pages: [1]

Author Topic: Running John the Ripper on Rooted Box  (Read 675 times)

0 Members and 1 Guest are viewing this topic.

Offline z3n3r

  • /dev/null
  • *
  • Posts: 7
  • Cookies: -2
  • Crazy....
    • View Profile
    • GNY !
Running John the Ripper on Rooted Box
« on: December 11, 2013, 09:35:19 pm »
Hi I am running a simulation attack on a Ubuntu box with remote code execution vulnerability through a web app.(Virtualbox)

I have installed john the ripper on the rooted box and would like to run it to crack a SHA256 password.

Is there anyway to run jtr on the rooted box without throttling the cpu to 100% and alerting the sysadmins?. What arguments are passed when calling john to accomplish this ?

Ps: This is all assuming this is a live HTTP server with MYSQL running at a remote location.   

Thanks.
Report to moderator   Logged
You'll be suprised how many stupid people there are in the world !
7 billion and counting....

Offline vezzy

  • Royal Highness
  • ****
  • Posts: 771
  • Cookies: 172
    • View Profile
Re: Running John the Ripper on Rooted Box
« Reply #1 on: December 11, 2013, 10:37:43 pm »
Why the hell would you crack hashes on the compromised machine?

You dump the files to your machine, crack them offline and then use the credentials on the compromised machine to get whatever you need.
Report to moderator   Logged
Quote from: Dippy hippy
Just brushing though. I will be semi active mainly came to find a HQ botnet, like THOR or just any p2p botnet

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Running John the Ripper on Rooted Box
« Reply #2 on: December 12, 2013, 07:47:52 am »
There is a tool called cpulimit.
http://cpulimit.sourceforge.net/

Syntax is pretty easy and runs on pretty much anything.
Report to moderator   Logged
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage
Pages: [1]