StefanoStrozzi.it

Questa è una vecchia versione del documento!

---

localmente ad una macchina linux dopo installazione standard fatta da debian con apt-get:

john /etc/shadow

va ad effettuare la ricerca all'interno del file /etc/shadow di linux.
Quindi sa già in che modo dovrà cercare perchè il file shadow ha una sua struttura. Cercherà considerando la posizione in ogni riga dei caratteri da cercare.

ma la cosa migliore è installare la versione jumbo dai sorgenti. quindi dopo aver scaricato il file john-1.8.0-jumbo-1.tar.gz dal mio mirror.:

tar -xzvf john-1.8.0-jumbo-1.tar.gz
cd john-1.8.0-jumbo-1
cd src
./configure --enable-mpi
make -s clean
make -sj4
cd ..
cd run
./john --test

aspettare che finisca e se tutto è andato bene ora è pronto per esere eseguito da questa directory.
per installarlo penso si debba aggiungere ai comandi tipici dell'installazione un

make install

ma non sono sicuro così come non so a che cosa serva il make -s clean e il make -sj4

ho messo il ./ prima di john perchè altrimenti non lo esegue.

altro sistema:

./john --format=raw-md5 percorso-file-lista-password percorso-file-con-hash-da-scoprire

altrimenti se abbiamo già un file di testo contenente l'hash MD5 (attenzione le lettere devono essere minuscole altrimenti john non lo riconosce)

./john percorso-file-con-hash-da-scoprire/file-di-testo

se non si specifica il tipo di hash o la tipologia di crittazione john la cerca automaticamente e lo si capisce dal seguente output che appare subito dopo l'esecuzione del comando

Warning: detected hash type "LM", but the string is also recognized as "HAVAL-128-4"
Use the "--format=HAVAL-128-4" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "lotus5"
Use the "--format=lotus5" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "MD2"
Use the "--format=MD2" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "mdc2"
Use the "--format=mdc2" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "mscash"
Use the "--format=mscash" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "mscash2"
Use the "--format=mscash2" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "NT"
Use the "--format=NT" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "nt2"
Use the "--format=nt2" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "Raw-MD4"
Use the "--format=Raw-MD4" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "Raw-MD5"
Use the "--format=Raw-MD5" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "Raw-MD5u"
Use the "--format=Raw-MD5u" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "ripemd-128"
Use the "--format=ripemd-128" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "Snefru-128"
Use the "--format=Snefru-128" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "lotus5-opencl"
Use the "--format=lotus5-opencl" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "mscash2-opencl"
Use the "--format=mscash2-opencl" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "nt-opencl"
Use the "--format=nt-opencl" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "Raw-MD4-opencl"
Use the "--format=Raw-MD4-opencl" option to force loading these as that type instead
Warning: detected hash type "LM", but the string is also recognized as "Raw-MD5-opencl"
Use the "--format=Raw-MD5-opencl" option to force loading these as that type instead