search

rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/
Other
34.14k stars 13.97k forks source link

jtr_linux.rb not working as expected under Kali Linux 2.0.0 #6615

Closed KarlFranzMeier45 closed 8 years ago

KarlFranzMeier45 commented 8 years ago

Hi,

I've been playing around with the Metasploitable and tried to use John the Ripper with the framework to crack the passwords from Metasploitable.

Leaving crypt set to false the module runs however displays "Unknown ciphertext format name requested' and does not crack any passwords.

msf auxiliary(jtr_linux) > run

[*] Wordlist file written out to /tmp/jtrtmp20160228-14330-6m5jpv
[*] Hashes Written out to /tmp/hashes_tmp20160228-14330-1i0d5o8
[*] Cracking md5 hashes in normal wordlist mode...
Unknown ciphertext format name requested
[*] Cracked Passwords this run:
Unknown ciphertext format name requested
<snip>
[*] Auxiliary module execution completed

Running JTR on the command line shows that it does not have the formats as listed in the jtr_linux.rb file (line 41 IIRC) but the ones in the file with 'crypt' added (i.e. 'md5' as part of the list in the file and 'md5crypt' supported by JTR).

Setting crypt to true gives the following stack trace:

msf auxiliary(jtr_linux) > run

[-] Auxiliary failed: ArgumentError too few arguments
[-] Call stack:
[-]   /opt/metasploit-framework/embedded/framework/modules/auxiliary/analyze/jtr_linux.rb:43:in `format'
[-]   /opt/metasploit-framework/embedded/framework/modules/auxiliary/analyze/jtr_linux.rb:43:in `run'
[*] Auxiliary module execution completed

This might be me misunderstanding of what the 'crypt' option is supposed to do however it seems that the code in lines 42-44 of jtr_llinux.rb

if datastore['Crypt']
    format << 'crypt'
end

could be moved inside the loop starting with 'formats.each' (this is me guessing what the intention of the append operation was) and then with crypt set to true it actually works as expected.

The installed JTR is version 1.8.0.6-jumbo-1-bleeding [linux-x86-64-avx].

I'm new to the topic and stumbled across this while trying to gain experience. So maybe this is a bug or maybe it is just not working for me in the standard version of the file.

In any case I thought it might be worth sharing.

Cheers, Alex

wchen-r7 commented 8 years ago

That looks like just a silly typo.

Should be formats << 'crypt', looks like, and not format