LinuxQuestions.org
Old 11-05-2003, 09:08 AM   #1
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Rep: Reputation: 30
John the Ripper (and a lammer friend)


A friend who loves Micro$hit and who believes that he is a hacker said that Linux is less secure than Windows. I obviously laughed, and now we have bet 10 (it's not too much, but it's the honour that pains the most).

He has lost the bet, because I had trojaned his PC without much effort. But he keeps saying that he will get my root password using John the Ripper. Obviously he will never get my pass file. But that program has awakened my curiosity.
I'm testing it with my root pass using incremental mode but the result is quite strange.

this is what i got:

Quote:
john -i:All pass.1
Loaded 1 password (Standard DES [32/32 BS])
guesses: 0 time: 0:00:00:03 c/s: 17706 trying: basebow - bootton
guesses: 0 time: 0:00:00:05 c/s: 23724 trying: huw - hsa
guesses: 0 time: 0:00:00:07 c/s: 26304 trying: stuphric - chincene
guesses: 0 time: 0:00:00:08 c/s: 31204 trying: cantemat - masebort
guesses: 0 time: 0:00:00:10 c/s: 38064 trying: shkiah - ammmu1
Session aborted
In incremental mode, it must try: a - b - c ... aa - ab ac (doesn't it?)...But it tries strange (random?) passwords.
Another question: what does c/s mean?
And the last one: how do I use incremental mode with numbers and letters but no special chars?

thanx
 
Old 11-06-2003, 02:47 AM   #2
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Original Poster
Rep: Reputation: 30
Well, this program is absolutely useless unless you have a 10 double-G5 cluster. I made some calculations and it'd take 3500 years to get an 8-char pass checking letters, numbers and some special chars (95 chars in total). I think I won't live that long.

cya!
 
Old 11-06-2003, 11:12 AM   #3
cyph3r7
Member
 
Registered: Apr 2003
Location: Silicon Valley East, Northern Virginia
Distribution: FreeBSD,Debian, RH, ok well most of em...
Posts: 238

Rep: Reputation: 30
Actually I disagree with your timetables. We have used the ripper in the past against our corporate SAM database and it cranked through it, dumping out tons of passwords, 8 character alpha mixed, in less than 24 hours. Machines these days have a lot of processing power....throw your /etc/passwd on a dual 64bit G5 Mac and it would take probably 5 mins.....
 
Old 11-06-2003, 11:43 AM   #4
Blinker_Fluid
Member
 
Registered: Jul 2003
Location: Clinging to my guns and religion.
Posts: 683

Rep: Reputation: 63
I think I've used it before on a windows machine... (if it wasn't that one it was one similar) and most 8 character passwords it would find within 24 hours.
The one I used was an inside job tool. They have to have access to get the passwd/shadow file. You aren't giving him the password/shadow file are you?
 
Old 11-06-2003, 01:51 PM   #5
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Original Poster
Rep: Reputation: 30
OK, I'll wait a bit more. I've tested it on a P2 300 MHz, a K7 700 MHz and a P4 2 GHz.
The only one I can try it on for a long time is the P2 300 MHz, but I think that the difference can't be more than one day (the P4 just doubled (well, a bit more than double) the c/s amount; the difference is not too high.)
cya!

PS: no! I didn't give that to him... well, he doesn't even know what that is xDDD.
 
Old 11-06-2003, 02:27 PM   #6
cyph3r7
Member
 
Registered: Apr 2003
Location: Silicon Valley East, Northern Virginia
Distribution: FreeBSD,Debian, RH, ok well most of em...
Posts: 238

Rep: Reputation: 30
oh yeah a 300mhz is nothing compared to a 2ghz or more machine. RAM is also crucial. I have a minimum of 1GB in my machines and it makes all the difference.
 
Old 11-06-2003, 03:17 PM   #7
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Original Poster
Rep: Reputation: 30
RAM makes the difference in bruteforcing too?? Johnny doesn't seem to use much RAM....
 
Old 11-07-2003, 08:58 AM   #8
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Original Poster
Rep: Reputation: 30
More than 24 hours on a 2 GHz PC trying downcase alpha and 8 chars and it hasn't finished yet... are you sure this works?
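
Added example (editorial, not part of any post in this thread): it parses the c/s figures from the status lines quoted in post #1 and works out worst-case exhaustive-search times for passwords of up to 8 characters, the arithmetic argued over in posts #2 to #8. It assumes c/s is the number of candidate passwords tested per second against the single loaded hash, that the rate stays constant, and that the whole keyspace has to be searched.

```python
import re

# Status lines copied from the John session quoted in post #1.
STATUS = """\
guesses: 0 time: 0:00:00:03 c/s: 17706 trying: basebow - bootton
guesses: 0 time: 0:00:00:05 c/s: 23724 trying: huw - hsa
guesses: 0 time: 0:00:00:07 c/s: 26304 trying: stuphric - chincene
guesses: 0 time: 0:00:00:08 c/s: 31204 trying: cantemat - masebort
guesses: 0 time: 0:00:00:10 c/s: 38064 trying: shkiah - ammmu1
"""

# The time field is days:hours:minutes:seconds.
LINE = re.compile(
    r"guesses: (\d+) time: (\d+):(\d+):(\d+):(\d+) c/s: (\d+) trying: (\S+) - (\S+)"
)

def parse_status(text):
    """Return (elapsed_seconds, rate, first_candidate, last_candidate) per line."""
    rows = []
    for m in LINE.finditer(text):
        d, h, mi, s = (int(m.group(i)) for i in range(2, 6))
        elapsed = ((d * 24 + h) * 60 + mi) * 60 + s
        rows.append((elapsed, int(m.group(6)), m.group(7), m.group(8)))
    return rows

def keyspace(charset_size, max_len):
    """Number of candidates of length 1..max_len over the character set."""
    return sum(charset_size ** n for n in range(1, max_len + 1))

def worst_case_seconds(charset_size, max_len, rate):
    """Seconds needed to test every candidate at a constant rate."""
    return keyspace(charset_size, max_len) / rate

def humanize(seconds):
    for unit, size in (("years", 365 * 86400), ("days", 86400), ("hours", 3600)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.0f} seconds"

if __name__ == "__main__":
    rate = parse_status(STATUS)[-1][1]  # last rate reported in the session
    for label, size in (("lowercase", 26), ("letters+digits", 62),
                        ("printable ASCII", 95)):
        print(f"{label:16} <= 8 chars: {humanize(worst_case_seconds(size, 8, rate))}")
```

Traditional DES crypt uses only the first 8 characters of a password, so length 8 is the ceiling for that hash type no matter how long the real password is.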
 
Old 11-07-2003, 10:07 PM   #9
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
Crack5.0 can merge the passwd and shadow files... Are your hashes MD5? My root is MD5 (starts with $1) and other users aren't which seems odd...
 
Old 11-08-2003, 04:09 AM   #10
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Original Poster
Rep: Reputation: 30
no, the hash is DES
 
Old 11-08-2003, 11:53 AM   #11
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
Yeah DES is the default but you can have MD5 which apparently Slack 9 seems to have for root but not the other users... I dunno i could be wrong but root is the only user on my box whose hash starts with $1.
 
Old 11-08-2003, 01:25 PM   #12
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Original Poster
Rep: Reputation: 30
and what's the difference between MD5 and DES?
 
Old 11-08-2003, 01:41 PM   #13
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
MD5 is 128 bit encryption while DES is only 56 bit so it would take a lot longer to crack MD5. MD5 is technically only 64 bits because it is vulnerable to collision attacks where if you search for 2 random hashes that have the same hash value (birthday paradox) you can reduce it from 128 bits to 64 bits. But even then it is still more secure than DES's 56 bits.
 
Old 11-08-2003, 02:02 PM   #14
OlRoy
Member
 
Registered: Dec 2002
Posts: 304

Rep: Reputation: 86
Just FYI

Here's an interesting article that says Win2k is more secure than Linux. http://www.worldtechtribune.com/worl...sv10302002.asp

http://www.worldtechtribune.com/worl...e/template.asp Also says that RedHat was trying to become EAL 2 certified and Win2k SP4 was already EAL 4 certified.

I doubt your friend knew about this though, because he probably would have mentioned it.
 
Old 11-11-2003, 07:06 AM   #15
ssobeht
Member
 
Registered: Oct 2003
Distribution: Debian Sarge
Posts: 207

Original Poster
Rep: Reputation: 30
Maybe win2k sp4 is a bit more secure than most linux... but what about win2k sp1, sp2, sp3, or win XP or 98...
While the linux kernel might not be the most secure in the world, the windows kernel is obviously worse.
 
  

