June 22, 2020

The DPH153-AT Femtocell - password cracking

So, now I have /etc/passwd and want to crack the password for this thing. John the Ripper is the chosen tool.

Crack a simple password

First I want to try something simple, just to get the feel of things.

I do the following:

    su
    useradd joe
    passwd joe
    frog

That should be a simple enough password to crack. This yields the following line in /etc/shadow:

    joe:$6$BF8iXyBgxapbT2d8$BmEwURiAFbhUgKfbQpb2LuAjb4YZNnh7072BSJ6dq30Ihrj0ESOxBAO34mPsFJe82rawV.By09vvVcjckkugw1:18465:0:99999:7:::

I placed this one line into passwd.joe and typed:

    john passwd.joe
    Loaded 1 password hash (crypt, generic crypt(3) [?/64])
    Press 'q' or Ctrl-C to abort, almost any other key for status
    frog             (joe)
    1g 0:00:00:12 100% 2/3 0.08230g/s 454.0p/s 454.0c/s 454.0C/s ncc1701d..1022
    Use the "--show" option to display all of the cracked passwords reliably
    Session completed

This took less than 3 seconds -- a simple dictionary word is pretty easy!
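
The fields of the /etc/shadow entry above can be decoded with a short parser. This is an added example, not part of the original post: the function name, the scheme table and the two extra sample lines are constructed for illustration, and it goes beyond the one line shown by also handling locked and traditional DES entries.

```python
from datetime import date, timedelta

# crypt(3) hash prefixes (see crypt(5)); a partial table, not exhaustive.
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
           "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}
WEAK = {"descrypt", "md5crypt"}  # obsolete schemes, cheap to guess offline

# The entry from the post, plus two constructed lines for the other branches.
JOE = ("joe:$6$BF8iXyBgxapbT2d8$BmEwURiAFbhUgKfbQpb2LuAjb4YZNnh7072BSJ6dq30"
       "Ihrj0ESOxBAO34mPsFJe82rawV.By09vvVcjckkugw1:18465:0:99999:7:::")
LOCKED = "svc:!:18465::::::"                      # constructed
LEGACY = "old:abJnggxhB/yWI:18465:0:99999:7:::"   # constructed, 13-char DES form


def parse_shadow_line(line):
    """Decode one shadow(5) entry without touching the hash itself."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError("shadow(5) entries have 9 colon-separated fields")
    user, pw, lastchg = fields[:3]
    info = {"user": user, "state": "hash", "scheme": None, "rounds": None,
            "salt": None, "hash_len": None, "last_change": None}
    if lastchg:
        # Field 3 counts days since 1970-01-01.
        info["last_change"] = date(1970, 1, 1) + timedelta(days=int(lastchg))
    if pw == "":
        info["state"] = "empty"
    elif pw[0] in "!*":
        info["state"] = "locked"
    elif pw.startswith("$"):
        parts = pw.split("$")[1:]
        info["scheme"] = SCHEMES.get(parts[0], "unknown")
        if parts[0] in ("5", "6"):
            # Layout: $id$[rounds=N$]salt$hash; 5000 rounds when not stated.
            explicit = parts[1].startswith("rounds=")
            info["rounds"] = int(parts[1][7:]) if explicit else 5000
            info["salt"], digest = parts[2:4] if explicit else parts[1:3]
            info["hash_len"] = len(digest)
    else:
        # No $ prefix: a 13-character value is traditional DES crypt.
        info["scheme"] = "descrypt" if len(pw) == 13 else "unknown"
    info["weak"] = info["state"] == "empty" or info["scheme"] in WEAK
    return info


if __name__ == "__main__":
    for entry in (JOE, LOCKED, LEGACY):
        print(parse_shadow_line(entry))
```

The scheme and round count say how expensive each guess is; they say nothing about the password itself, which is why a dictionary word falls quickly even under sha512crypt.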

The real thing

I put the root line from /etc/passwd into passwd.femto and type

    john --fork=6 passwd.femto

My machine has 8 cores. I figure to let John use 6 of them and keep the other two for my own use while it is running. I start it going at 4:42 on July 22, 2020. In just over an hour (by 5:45), we have "orketmeg".

Tom's electronics pages / tom@mmto.org