Re: Etc/shadow file and john

[Terry Vernon <tvernon24 () comcast net>]

i dont have much other experience with any other cracker besides john 
since it does what it does so well, however i can say what steps i take 
to minimize the length of time it takes to crack. Get yourself several 
good dictionary files. One english language dictionary, one with first 
names and one with surnames. I haven't used john in a long time but it 
used to have the options to run dictionary attacks with variations on 
the words in the dictionary file. I'd get many hits in a short period 
like this. After that I would then switch to incremental mode and let it 
run for as long as i had the patience (4 days for me tops). It doesn't 
matter the format of the file I believe since it reads the contents into 
memory anyways. Try that. If you had already done this and I wasted your 
time I'm sorry.

However, since you were able to get the shadow file this means you have 
root access and would net more passwords by installing a sniffer like 
ettercap or dsniff. Just an option.

PS. I like your paints, they shine well (i bet you get that alot)

Terry Vernon
CTO
Sprite Technologies

Sherwyn Williams wrote:

> I am doing an assesment for passwords on a network, after getting the 
> password file I piped the output to a text file, tried to run that 
> against John and can't get any luck with the program. Do anyone here 
> uses any other password programs, and is there a better format than a 
> text file to store the out of the etc/shadow when trying to get the 
> passes.
> Sherwyn Williams
> Technical Consultant
> Sherwill22 () tmail com