Scribd
Upload
20 views2 pages

Lab 8

This document outlines a lab exercise for cracking secure password hashes using Kali Linux, requiring tools like John the Ripper and Hashcat. It provides step-by-step instructions for attempting to crack hashes, identifying hash types, and viewing cracked passwords. The lab also includes a task to crack the user's actual Kali password and submission guidelines for documentation.

Uploaded by

kietnase172572
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
20 views2 pages

Lab 8

This document outlines a lab exercise for cracking secure password hashes using Kali Linux, requiring tools like John the Ripper and Hashcat. It provides step-by-step instructions for attempting to crack hashes, identifying hash types, and viewing cracked passwords. The lab also includes a task to crack the user's actual Kali password and submission guidelines for documentation.

Uploaded by

kietnase172572
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

LAB 8 - CRACKING SECURE PASSWORD HASHES IN KALI LINUX

Name: (required)
Student ID: (required)
0. What you need
 A system running Kali Linux.a
 Basic knowledge of the Linux command-line interface.a
 John the Ripper (Jumbo version) and Hashcat installed.
1. The Hash File
 A file named hashes.txt is provided.
 You must determine the hashing algorithm used.a
2. Attempt Cracking Without Identifying the Hash Type
 Attempt with John the Ripper
john --wordlist=/usr/share/wordlists/rockyou.txt hashes.txt
 Attempt with Hashcat
hashcat -a 0 hashes.txt /usr/share/wordlists/rockyou.txt
If neither works, proceed to the next step to determine the hash type.
3. Identifying the Hash Type
After attempting blind cracking, determine the hashing algorithm using:
hashid hashes.txt
OR
john --list=formats | grep -i sha
OR
hashcat -m 99999 hashes.txt --show
4. Cracking with John the Ripper
 Brute-Force Attack
john --incremental hashes.txt
 Wordlist Attack
john --format={hashing method} --wordlist=/usr/share/wordlists/rockyou.txt
hashes.txt

5. Cracking with Hashcat


 Brute-Force Attack\
hashcat -m {hashing-code} -a 3 hashes.txt ?a?a?a?a?a?a?a
 Wordlist Attack
hashcat -m {hashing-code} -a 0 hashes.txt /usr/share/wordlists/rockyou.txt

6. Viewing Cracked Passwords


 John the Ripper:
john --show hashes.txt
 Hashcat:
hashcat --show -m {hashing-code} hashes.txt
 Example output: kali:supersayan

7. Attempt Cracking your actual Kali password


 Extract password hashes from /etc/shadow
sudo cat /etc/shadow | grep kali > actual.txt
 Using above methods to crack it. Good luck!
Submission:
 Provide captured screenshots accordingly (meaningful areas only).
 Name this file as "YourName_StudentID_Lab8" in docx / PDF format.

You might also like