Crack Linux Password
Posted on 08 November 2007 by admin
Whether it’s for fun, for profit, or to annoy your brother, you want to crack a Linux password. Here are the step-by-step instructions on how to crack a Linux password.
Before we begin, you need to have access to the system. This is not for breaking into a system, but rather for recovering a password to an account without destroying it. If you are looking to break into a Linux box because you’ve forgotten the password, follow the instructions here or here.
The passwords in Linux systems are typically stored (encoded as hashes) in the file /etc/passwd, but with the shadow suite installed, you’ll see an ‘x’ in the password field in /etc/passwd, and the password hash will be stored in /etc/shadow.
Here is a portion of my shadow file. The password hash field begins with $1$.
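The $1$ prefix identifies the MD5-crypt scheme. As an added example (not from the original post), the shell function below reads shadow-format lines and reports which hash scheme each account uses, so the weak entries can be found and rehashed. The function names and the sample lines are constructed for illustration, and the hash values are placeholders.

```shell
#!/bin/sh
# Added example: report the hash scheme of every entry in shadow-format input.
# Field 2 of /etc/shadow is empty, a lock marker, or "$id$salt$hash".
shadow_schemes() {
    awk -F: '
    {
        field = $2
        if (field == "")                    scheme = "EMPTY (no password)"
        else if (field ~ /^[!*]/)           scheme = "locked"
        else if (field ~ /^\$1\$/)          scheme = "md5crypt (weak)"
        else if (field ~ /^\$2[abxy]?\$/)   scheme = "bcrypt"
        else if (field ~ /^\$5\$/)          scheme = "sha256crypt"
        else if (field ~ /^\$6\$/)          scheme = "sha512crypt"
        else if (field ~ /^\$y\$/)          scheme = "yescrypt"
        else if (length(field) == 13 && field ~ "^[./0-9A-Za-z]+$")
                                            scheme = "descrypt (weak)"
        else                                scheme = "unknown"
        print $1 ": " scheme
    }'
}

# Constructed sample lines (placeholder salts and hashes, not real accounts).
sample_shadow() {
    cat <<'EOF'
root:!:13825:0:99999:7:::
alice:$1$CONSTRSALT$CONSTRUCTEDHASHVALUE00:13825:0:99999:7:::
bob:$6$CONSTRSALT$CONSTRUCTEDHASHVALUE00:13825:0:99999:7:::
carol:CONSTRUCTED00:13825:0:99999:7:::
guest::13825:0:99999:7:::
EOF
}

sample_shadow | shadow_schemes
```

On a real system, feed it the shadow file with `sudo cat /etc/shadow | shadow_schemes`. MD5-crypt and DES-crypt are much cheaper to guess against than sha512crypt or yescrypt, so accounts reported as weak should have their passwords reset under a stronger scheme.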

Now if you want to get/crack/recover the password, you need to use a program called John the Ripper. To install it, open a terminal and type:
sudo apt-get install john
Then, to crack the password, type:
sudo unshadow /etc/passwd /etc/shadow > mypasswd
sudo john mypasswd
Now in my scenario I purposefully used a simple password just for speed. If the password is a dictionary word, or short, it will be cracked almost instantly. If the password has special characters or is long, it will obviously take longer.

Once the password is cracked, if you type:
sudo john --show mypasswd
you will see the username and the password in clear text, and the best part of all is that the account has not been damaged in any way.

