I am new to this forum and this is the first time I try “John the Ripper”.
Currently I forget a password but I remember that there is a space inside it like [John-+the Ripper@putty]; is not a part of the password.
I would like to know how to make a Wordlist to crack a password like this. I have read an article from openwall.com https://www.openwall.com/lists/john-users/2008/10/17/2
However, the article does not include the combination like this form [John-+the Ripper@putty]
I have also made a new ppk with a simple password [ +Ee] with a wordlist
+ E e
to test the method but no luck, seems I have misunderstanding on the Wordlist method.
Sorry for my English.
I recently set up my WordPress blog and I changed the password of its mysql database to a 24 character randomly generated password. I have a few questions about the database:
- Is my database name visible?
- Does a hacker need both the database name and the password to crack it?
- How long would it take to crack a 24 char mysql password using 10 Nvidia 1080ti video cards?
I searched Security.SE but couldn’t find any specific questions about wordpress sql security. This wordpress.org page explains how databases are created but nothing specific about its visibility.
Is it even possible to brute force login credentials for rather popular services like instagram or reddit for example? They propably limit the number of authentication requests you send them. If so, how do hackers steal your credentials then?
Title says it all, I can’t tell if John is just crashing or “gives up” on cracking the hash. First I start off by creating an md5 hash out of a word I KNOW is on the rockyou.txt wordlist:
echo -n 'password' | md5sum > testhash
After removing the hyphen at the end of the test hash file:
Now I attempt to crack the md5 hash using the following John the Ripper command:
john --format=raw-md5 --wordlist= /usr/share/wordlists/rockyou.txt testhash
I get the output:
Loaded 1 password hash (Raw-MD5 [MD5 256/256 AVX2 8*3]) No password hashes left to crack (see FAQ)
Then I run:
john --show testhash
0 password hashes cracked, 2 left
Sorry if I’m doing something terribly wrong, but I’m at a loss here. I’m assuming it’s something wrong with how my installation of John on Kali Linux is handling the wordlist. Thank you in advance!
I have rar with protected pass.But I have the AES-256 key can I crack it and if I can. how?
i need help with this: for an exercise i need to crack this hash
$ apr1$ cy5UgTjB$ 1D.TuLHrP.Q5ZN7evMbRS1 I found with hash-identifier that it’s a MD5(APR) hash, -m 1600 in hashcat. So i runned:
hashcat -a 0 -m 1600 $ apr1$ cy5UgTjB$ 1D.TuLHrP.Q5ZN7evMbRS1 /usr/share/wordlists/rockyou.txt --force
But i get this error
Hash 'D.TuLHrP.Q5ZN7evMbRS1:asltey': Separator unmatched No hashes loaded.
Do you know why? Thank you.
I want to try to break an LCG generator just as programming practice task. I found similar issue at Cracking a linear congruential generator.
Assume that m is given. The answer to the link above assumes that there are 3 consecutive output values given. Then it is just solving the resulting 2 linear equations. But what if there are only 2 values given? For some values, there probably will be several candidate LCG. How to list all of them and do so efficiently?
It is possible to crack into a Sim and get internet or free calls?
Is there right way to crack php hashed password ?
I used to hash a password php password_hash() method. Php version 7.3
Then i create a word list using python script. It’ s size around 1GB.
Then i crete a php script to read that word list and verify the password. To do that i used password_verify() method in php.
Finaly i execute the php script using terminal.
Its worked fine. But getting too much time to crack the password.
As a student i like to write my own scripts and tools. So any one has a idea to get much performance and efficiant way to do this kind of work.
I also searched about clustering and , gpu using for password cracking.
But i didn’t get any chance to learn breefly above concepts.
I have come across a hash and hash-identifier identifies it to be of type I came across this answer which is a very good reference point, however, I wanted to know three things:
- Online tools to crack this hash given the password. I did come across hashcat and john the ripper. I tried the latter without giving the username(no results). Hashcat did not have the appropriate documentation for the same.
- wordlist to be used to brute-force the password
- Is scripting the only way to crack the password? Which library should be used? python3 does not have an md4 function.