Crack hashes with John - Githubissues

ut-ethical-hacking-group-12 / Mellon

A tool to find users with weak passwords in your Active Directory Domain.

MIT License

0 stars 0 forks source link

Crack hashes with John #4

Open bzsinger opened 5 years ago

bzsinger commented 5 years ago

Install John on Windows

bzsinger commented 5 years ago

Pre-requisites:

Download Windows version of John
Extract all files (unzip)
Download rockyou.txt

Script:

Runs John on pre-determined hashes file
Puts John results in file
Performs regex search over results and extracts usernames and passwords
Writes usernames and passwords to new file

bzsinger commented 5 years ago

.\john\run\john -wordlist:./rockyou.txt -format=<format> ./hashes.txt

.\john\run\john --show ./hashes.txt > john_results.txt

Get-Content john_results.txt |
Select-String -Pattern (\w*):(\w*) |
% { $_.Matches } |
foreach { Write-Output "$($_.Groups[1]):$($_.Groups[2])" } > usernames.txt

manahan-joseph commented 5 years ago

Looks great. Would it be possible to have John downloaded and extracted automatically? For reference, look at 203cbe9a2de867c45ba829e9df6aec7ec29d046e.