Wednesday, 22 August 2007

John the Ripper identify weak passwords

You can check your users if they are using weak passwords,

get you /etc/shadow file

make word list if you predict common word or find here

following command gives you user names and you can use this file as a dictionary(this is going to help who used username and password same).
cat /etc/passwd | awk -F : '{print $1}' > word.lst

merge dictionary files.

use John the Ripper,
john --wordlist=word.lst shadow

No comments: