Monday, November 18, 2013

Server Security: Crack user passwords to prevent intrusion via a user account

This is surely controversial and, on a business system, should only be done by hash comparison (if at all)! But I use it on my shell host server, where I need the security.

User accounts on your server, especially if you have 100+ of them, are a liability: a single weak password is often the first step to getting pwned. To find such passwords before an attacker does, we run John the Ripper over our own password hashes with a list of common passwords.

  • Install John the Ripper
  • get this password list http://dazzlepod.com/site_media/txt/passwords.txt (it's 10 times bigger than the default one)
  • unshadow /etc/passwd /etc/shadow > ~/pass.txt (as root, since /etc/shadow is not readable otherwise)
  • john -wordlist:passwords.txt ~/pass.txt
This will take some time, since it is quite a big list.
If John cracks a password, tell that user to change it.
That's it.
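The four steps above wrapped in one script, added here as an example (it is not from the original post). It assumes John the Ripper is installed and that run_audit is invoked as root; WORDLIST and the file names under the temp directory are assumptions. It reports usernames only, so no cracked plaintext ends up in a log, and removes the unshadowed hash file afterwards.

```sh
#!/bin/sh
# Added example, not from the original post: wraps the unshadow/john steps
# and turns the result into a list of accounts to notify, without printing
# anyone's plaintext password. Assumes John the Ripper is installed and that
# run_audit runs as root (needed to read /etc/shadow). WORDLIST and the file
# names under $work are assumptions.
set -eu
umask 077                        # the unshadowed file holds every hash: keep it private
WORDLIST=${WORDLIST:-passwords.txt}

# From an unshadowed passwd file, print the accounts that have a real hash to
# test: skip empty fields and locked/disabled ones ("!", "*", "!!").
auditable_accounts() {
  awk -F: '$2 != "" && $2 !~ /^[!*]/ { print $1 }' "$1"
}

# Parse "john --show" output (user:password:uid:gid:gecos:home:shell) into
# usernames only, dropping blank lines and the trailing
# "N password hashes cracked, M left" summary (which has no ':' fields).
cracked_users() {
  awk -F: 'NF >= 7 { print $1 }' "$1"
}

# Full run: unshadow, wordlist pass, then report who must change their password.
run_audit() {
  work=$(mktemp -d)
  unshadow /etc/passwd /etc/shadow > "$work/pass.txt"
  printf 'Auditing %s accounts with a usable hash\n' \
    "$(auditable_accounts "$work/pass.txt" | wc -l)"
  john --wordlist="$WORDLIST" "$work/pass.txt" >/dev/null 2>&1 || true
  john --show "$work/pass.txt" > "$work/cracked.txt"
  for u in $(cracked_users "$work/cracked.txt"); do
    echo "WEAK PASSWORD: $u -- tell this user to change it"
  done
  # Don't leave the hash file around; note that john's own ~/.john/john.pot
  # still holds the cracked plaintexts and should be cleared as well.
  rm -rf "$work"
}

# Only run when explicitly asked, so the helpers can be sourced on their own.
if [ "${1:-}" = "run" ]; then
  run_audit
fi
```

Save it as audit.sh and run `sudo sh audit.sh run`; sourcing the file instead makes auditable_accounts and cracked_users available for use on files you already have.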
