In the second part of this tutorial, we are going to crack the hashes that we've captured previously. I'm going to explain how to do it with the powerful John the Ripper. It comes with Kali by default, so no need to install!
Using John the Ripper
If you don't know nothing about this tool, you can check this Wikipedia article.
First, we have to put the password hashes in a friendly format for John. To do so, we will use a simple script that puts our freeradius-credsXXXXX.txt file in John format, you can download it here.
Visit the previous link, copy the script text to your clipboard and open a terminal.
Type:
nano radiustojohn.py
Paste the text from your clipboard and hit Control + O to save the changes, then Control + X to exit. Change the permissions to the file by typing:
chmod +x radiustojohn.py
At this point execute the script with the freeradius-credsXXXXXXX.txt file as parameter:
./radiustojohn.py <path to the freeradius-creds file>
Now we've generated a freeradius.john file that John can understand. Type:
john --format=netntlm freeradius.john
At any time you can hit any key to see the status. As you can see, in about 3 seconds we've guessed 12 passwords. The weaker the password, the faster we crack it. Stronger passwords can take years to be cracked, of course you can use a custom wordlist:
john --format=netntlm --wordlist=<path to your dictionary file> freeradius.john
If you know something about the password, for example the length, you can modify the John's configuration file in order to try only passwords of that length. The configuration file is located in /etc/john/john.conf, let's make a backup of that file:
cd /etc/john/
cp john.conf john.conf.old
Now that we've made a backup of the original file, let's change it.
leafpad john.conf
At this point of the file, change the MinLen and the MaxLen for the length of the password. Imagine that you know the password's length is exactly 8, then you must put 8 in MinLen and 8 in MaxLen. Save the changes and run John:
john --format=netntlm --incremental=All freeradius.john
John also supports OpenCL to work with your GPU, which can crack so much faster.
That's all, I hope you've enjoyed! Ask any question!
Just updated your iPhone? You'll find new emoji, enhanced security, podcast transcripts, Apple Cash virtual numbers, and other useful features. There are even new additions hidden within Safari. Find out what's new and changed on your iPhone with the iOS 17.4 update.
4 Comments
Again great stuff, really appreciate the time you put into this :)
Cheers,
Washu
Thanks, Washu.
Thanks for this tutorials Jako!
Thank you for read it!
Share Your Thoughts