Penetration Testing mailing list archives
RE: Etc/shadow file and john
From: "Clement Dupuis" <cdupuis () cccure org>
Date: Thu, 28 Jul 2005 17:11:01 -0400
I agree Rainbow Tables can greatly speed up the process. However, it might take you a long time to generate them. I spend 68 days generating mine and then I found out about http://www.rainbowtables.net These guys have the tables for sale, at the price they sell them, it was not worth spending 68 days processing mine. Rainbow tables are very fast, really worth a try. Clement Clément Dupuis, CD President/Security Evangelist/Chief Learning Officer (CLO) CCCure Enterprise Security & Training Inc. CISSP, GCFW, GCIA, Security+, CEH, CCSA, MBNS, MBIS, MBHS, CCSE, ACE Maintainer of : The CISSP and SSCP Open Study Guides Web Site http://www.cccure.org The Professional Security Testers Warehouse http://www.professionalsecuritytesters.org
-----Original Message----- From: Leandro Reox [mailto:lmet5on () fibertel com ar] Sent: Wednesday, July 27, 2005 10:45 PM To: 'Sherwyn Williams'; pen-test () securityfocus com Subject: RE: Etc/shadow file and john An effective method to get passwords is to pass them trough specific generated rainbow tables with a tool like CAIN. Is this hash encrypted with md5 or another known hashing algorithm ? Cheers -- Leandro Reox http://www.securearg.net/ Secure from the source -----Original Message----- From: Sherwyn Williams [mailto:sherwill22 () tmail com] Sent: Wednesday, July 27, 2005 1:57 PM To: pen-test () securityfocus com Subject: Etc/shadow file and john I am doing an assesment for passwords on a network, after getting the password file I piped the output to a text file, tried to run that against John and can't get any luck with the program. Do anyone here uses any other password programs, and is there a better format than a text file to store the out of the etc/shadow when trying to get the passes. Sherwyn Williams Technical Consultant Sherwill22 () tmail com
Current thread:
- Etc/shadow file and john Sherwyn Williams (Jul 27)
- RE: Etc/shadow file and john Leandro Reox (Jul 28)
- Re: Etc/shadow file and john Sherwyn Williams (Jul 28)
- RE: Etc/shadow file and john Clement Dupuis (Jul 28)
- Re: Etc/shadow file and john Dave Spencer (Jul 28)
- Re: Etc/shadow file and john Terry Vernon (Jul 28)
- Re: Etc/shadow file and john frank boldewin (Jul 28)
- Re: Etc/shadow file and john Sherwyn Williams (Jul 28)
- Re: Etc/shadow file and john Wayne G (Jul 28)
- RE: Etc/shadow file and john Leandro Reox (Jul 28)