Weak password detection JR!

1, JR (Joth the Ripper) Introduction
· a code analysis tool that supports brute force dictionary
-through shadow password file analysis can detect passwords
· official website: http: //www.openwall.com/john/
2, JR mounting tool
(1) tar unpack
(2) into the src directory after decompression, performed Clean the make
(. 3) into the lower run after decompression directory, run

===========================================================

Example: scanning within a virtual machine account password discharge all weak password?

Introducing package john-1.8.0.tar.gz

[root @ localhost ~] # LS             // check whether they have a good imported JR
john-1.8.0.tar.gz
[root @ localhost ~] # tar-zxf john-1.8.0.tar.gz         // JR extracting package
[ ~ @ localhost root] # LS                 // good to see if JR unzip the package
john-1.8.0    john-1.8.0.tar.gz

[the root @ localhost ~] # CD-John 1.8.0 / the src            // enter the src
[the root @ localhost the src] # RPM -q gcc gcc-c ++        // detect whether gcc gcc-c ++ editor installed
package is not installed gcc 
not installed packages-c ++ gcc
[root @ localhost src] # yum -y install gcc gcc-c ++          // install gcc gcc-c ++ editor
is loaded plugins: fastestmirror, the Langpacks
loading Mirror SPEEDS from cached hostfile
* Base: mirrors.huaweicloud .com
* Extras: mirrors.aliyun.com
* the Updates: mirrors.aliyun.com
Base | 3.6 kB 00:00
Extras | 3.4 kB 00:00
the Updates | 3.4 kB 00:00
is addressing dependencies
-> checking affairs
- -> the package will be installed gcc.x86_64.0.4.8.5-36.el7_6.2
-> dependence libgomp being processed = 4.8.5-36.el7_6.2, it is the package gcc-4.8.5-36.el7_6.2.x86_64 need
-> Processing dependence cpp = 4.8.5- 36.el7_6.2, it is the package gcc-4.8.5-36.el7_6.2.x86_64 need
-> processing dependence libgcc> = 4.8.5-36.el7_6.2, it is the package gcc- 4.8.5-36.el7_6.2.x86_64 need
-> processing dependency glibc-devel> = 2.2.90-12, it is the package gcc-4.8.5-36.el7_6.2.x86_64 need
- -> gcc-c ++ x86_64.0.4.8.5-36.el7_6.2 package is to be mounted
-> processing dependency libstdc ++ - devel = 4.8.5-36.el7_6.2, which is a package gcc-c ++ -4.8.5-36.el7_6.2.x86_64 need
-> processing dependence libstdc ++ = 4.8.5-36.el7_6.2, it is the package gcc-c ++ - 4.8.5-36.el7_6.2. x86_64 need
-> checking affairs
---> cpp.x86_64.0.4.8.5-36.el7_6.2 packages will be installed
---> package glibc-devel.x86_64.0.2.17-260.el7_6. 6 is to be mounted
-> processing dependency glibc-headers = 2.17-260.el7_6.6, which is a package glibc-devel-2.17-260.el7_6.6.x86_64 need
-> Processing Dependencies glibc = 2.17-260.el7_6.6, it is the package glibc-devel-2.17-260.el7_6.6.x86_64 need
-> Processing dependency glibc-headers, which are packages glibc-devel-2.17-260.el7_6.6.x86_64 need
---> libgcc.x86_64.0.4.8.5-36.el7 packages will be upgraded
---> packages libgcc.x86_64.0.4.8.5-36. el7_6.2 will be updated
---> libgomp.x86_64.0.4.8.5-36.el7 packages will be upgraded
---> libgomp.x86_64.0.4.8.5-36.el7_6.2 package will be updated
- -> package libstdc ++ x86_64.0.4.8.5-36.el7 will be upgraded
---> package libstdc ++ x86_64.0.4.8.5-36.el7_6.2 will be updated.
---> package libstdc ++ - devel. x86_64.0.4.8.5-36.el7_6.2 will be installed
-> checking affairs
---> glibc.x86_64.0.2.17-260.el7 packages will be upgraded
-> processing dependence glibc = 2.17 -260.el7, it is the package glibc-common-2.17-260.el7.x86_64 need
---> packages will be updated glibc.x86_64.0.2.17-260.el7_6.6
---> glibc-headers.x86_64.0.2.17-260.el7_6.6 package is to be mounted
-> Processing dependencies kernel-headers> = 2.2.1, which is a package glibc-headers-2.17- 260.el7_6.6.x86_64 need
-> processing dependencies kernel-headers, which is the package glibc-headers-2.17-260.el7_6.6.x86_64 need
-> checking affairs
---> glibc package -common.x86_64.0.2.17-260.el7 will be upgraded
---> package glibc-common.x86_64.0.2.17-260.el7_6.6 will be updated
---> package kernel-headers.x86_64 .0.3.10.0-957.27.2.el7 will be installed
-> complete dependency resolution

Resolve dependencies

================================================== ==============================
Package Penalty for architecture version of the source size
=============== ================================================== ===============
Installing:
GCC 16 M Updates the x86_64 4.8.5-36.el7_6.2
GCC C-7.2 M ++ Updates the x86_64 4.8.5-36.el7_6.2
is dependent attached:
CPP 4.8.5-36.el7_6.2 the x86_64 5.9 M Updates
the glibc-devel the x86_64 2.17-260.el7_6.6 1.1 M Updates
the glibc-headers 684 K the x86_64 2.17-260.el7_6.6 Updates
Kernel-headers the x86_64 3.10 updates 8.0 M .0-957.27.2.el7
libstdc ++ - devel the x86_64 4.8.5-36.el7_6.2 updates for 1.5 M
in dependence updated:
the glibc the x86_64 2.17-260.el7_6.6 3.7 M updates
the glibc-Common the x86_64 2.17 260.el7_6.6 updates 12 M
libgcc x86_64 4.8.5-36.el7_6.2 updates 102 k
libgomp x86_64 4.8.5-36.el7_6.2 updates 158 k
libstdc++ x86_64 4.8.5-36.el7_6.2 updates 305 k

Transaction Summary
================================================ ================================
installation package 2 (+5 dependent software package)
upgrade (5 dependent packages)

Total: 56 M
Total downloads: 41 is M
Downloading Packages:
Warning: /var/cache/yum/x86_64/7/updates/packages/cpp-4.8.5-36.el7_6.2.x86_64.rpm: head V3 RSA / SHA256 Signature, key f4a80eb5 ID: NOKEY
CPP-4.8.5-36.el7_6.2.x86_64.rpm public key has not been installed
(1/7): cpp-4.8.5-36.el7_6.2.x86_64.rpm | 5.9 MB 00:01
(2/7): gcc-c ++ - 4.8.5-36.el7_6.2.x86_64.rpm | 7.2 MB 00:01
(3/7): glibc-devel-2.17-260.el7_6 .6.x86_64.rpm | 1.1 MB 00:00
(4/7): glibc-headers-2.17-260.el7_6.6.x86_64.rpm | 684 kB 00:00
(5/7): Kernel-headers-3.10 .0-957.27.2.el7.x86_64.rpm | 8.0 MB 00:01
(6/7): gcc-4.8.5-36.el7_6.2.x86_64.rpm | 16 MB 00:04
(7/7) : libstdc ++ - devel-4.8.5-36.el7_6.2.x86_64.rpm | 1.5 MB 00:00
-------------------------------------------------- ------------------------------
total of 8.1 MB / s | 41 MB 00:05
from file: /// etc / pki / rpm-gpg / RPM-GPG -kEY-CentOS-7 retrieval key
import GPG key 0xF4A80EB5:
user ID: "CentOS-7 key ( CentOS 7 Official Signing key) <[email protected]>"
fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
package: centos-release-7-6.1810.2.el7.centos.x86_64 (@anaconda )
from: / etc / PKI / RPM-GPG / the RPM-the GPG-KEY. 7-the CentOS-
Running the Check Transaction
Running the Test Transaction
Transaction the Test succeeded.
Running Transaction
updating: libgcc-4.8.5-36.el7_6.2.x86_64 1/17
updating: glibc-common-2.17-260.el7_6.6.x86_64 2/17
is being updated : glibc-2.17-260.el7_6.6.x86_64 3/17
Updating: libstdc ++ - 4.8.5-36.el7_6.2.x86_64 4/17
is being installed: libstdc ++ - devel-4.8.5-36.el7_6.2.x86_64 5/17
Updating: libgomp-4.8.5-36 .el7_6.2.x86_64 6/17
being installed: cpp-4.8.5-36.el7_6.2.x86_64 7/17
is being installed: kernel-headers-3.10.0-957.27.2.el7.x86_64 8/17
is installation: glibc-headers-2.17-260.el7_6.6.x86_64 9/17
is being installed: glibc-devel-2.17-260.el7_6.6.x86_64 10/17
is being installed: gcc-4.8.5-36.el7_6. 2.x86_64 11/17
being installed: gcc-c ++ - 4.8.5-36.el7_6.2.x86_64 12/17
cleanup: libstdc ++ - 4.8.5-36.el7.x86_64 13/17
cleanup: libgomp-4.8.5 -36.el7.x86_64 14/17
cleanup: glibc-common-2.17-260.el7.x86_64 15/17
cleanup: glibc-2.17-260.el7.x86_64 16/17
cleanup: libgcc-4.8.5-36.el7 .x86_64 17/17
Verification: glibc-devel-2.17-260.el7_6.6.x86_64 1/17
verification: gcc-c ++ - 4.8.5-36.el7_6.2.x86_64 2/17
verification: kernel-headers-3.10.0 -957.27.2.el7.x86_64 3/17
verification: libgcc-4.8.5-36.el7_6.2.x86_64 4/17
verification: libgomp-4.8.5-36.el7_6.2.x86_64 5/17
verified in: glibc-2.17-260.el7_6.6.x86_64 6/17
verification: cpp-4.8.5-36.el7_6.2.x86_64 7/17
verification: gcc-4.8.5-36.el7_6.2. x86_64 8/17
verification: glibc-headers-2.17-260.el7_6.6.x86_64 9/17
verification: libstdc ++ - devel-4.8.5-36.el7_6.2.x86_64 10/17
verification: glibc-common -2.17-260.el7_6.6.x86_64 11/17
verification: libstdc ++ - 4.8.5-36.el7_6.2.x86_64 12/17
verification: glibc-common-2.17-260.el7.x86_64 13/17
verification in: libgomp-4.8.5-36.el7.x86_64 14/17
Verification: glibc-2.17-260.el7.x86_64 15/17
-: 16/17 libstdc ++ verification 4.8.5-36.el7.x86_64
libgcc-4.8.5-36.el7.x86_64 17/17: Verification

Has been installed:
gcc.x86_64 0: 4.8.5-36.el7_6.2 gcc-c ++ x86_64 0:. 4.8.5-36.el7_6.2

It is selected as a dependency:
cpp.x86_64 0: 4.8.5-36.el7_6.2
the glibc-devel.x86_64 0: 2.17-260.el7_6.6
the glibc-headers.x86_64 0: 2.17-260.el7_6.6
Kernel-headers 0 .x86_64: 3.10.0-957.27.2.el7
libstdc ++ - devel.x86_64 0: 4.8.5-36.el7_6.2

Be upgraded as dependencies:
glibc.x86_64 0: 0 2.17-260.el7_6.6 the glibc-common.x86_64: 2.17-260.el7_6.6
libgcc.x86_64 0: 0 4.8.5-36.el7_6.2 libgomp.x86_64: 4.8.5-36.el7_6.2
libstdc ++ x86_64 0:. 4.8.5-36.el7_6.2

Finished!

[root @ localhost src] # the make          // compiler

[root@localhost src]# cd ../run       //进入run
[root@localhost run]# cp /etc/shadow ./shadow.txt       //复制./shadow.txt 到/etc/shadow下
[root@localhost run]# ls
ascii.chr     john.conf       mailer       password.lst  shadow.txt
digits.chr   lm_ascii.chr   makechr   relbench
[root@localhost run]# cd ../
[root@localhost john-1.8.0]# ls
doc  README  run   src
[root@localhost john-1.8.0]# cd
[root@localhost ~]# ls
john-1.8.0 john-1.8.0.tar.gz
[root@localhost ~]# cd john-1.8.0/
[root@localhost john-1.8.0]# ls
doc README run src
[root@localhost john-1.8.0]# cd src
[root@localhost src]# make clean linux-x86-64
rm -f ../run/john ../run/unshadow ../run/unafs ../run/unique ../run/john.bin ../run/john.com ../run/unshadow.com ../run/unafs.com ../run/unique.com ../run/john.exe ../run/unshadow.exe ../run/unafs.exe ../run/unique.exe
rm -f ../run/john.exe john-macosx-* *.o *.bak core
rm -f detect bench generic.h arch.h tmp.s
cp /dev/null Makefile.dep
ln -sf x86-64.h arch.h
make ../run/john ../run/unshadow ../run/unafs ../run/unique \
JOHN_OBJS="DES_fmt.o DES_std.o DES_bs.o DES_bs_b.o BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o BF_std.o AFS_fmt.o LM_fmt.o trip_fmt.o dummy.o batch.o bench.o charset.o common.o compiler.o config.o cracker.o crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o loader.o logger.o math.o memory.o misc.o options.o params.o path.o recovery.o rpp.o rules.o signals.o single.o status.o tty.o wordlist.o unshadow.o unafs.o unique.o c3_fmt.o x86-64.o" \
CFLAGS="-c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT" \
LDFLAGS="-s -lcrypt"
make[1]: 进入目录“/root/john-1.8.0/src”
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops DES_fmt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops DES_std.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops DES_bs.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -Os -funroll-loops -finline-functions DES_bs_b.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops BSDI_fmt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops MD5_fmt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops MD5_std.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops BF_fmt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops BF_std.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops AFS_fmt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops LM_fmt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops trip_fmt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops dummy.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops batch.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops bench.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops charset.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops common.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops compiler.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops config.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops cracker.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops crc32.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops external.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops formats.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops getopt.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops idle.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops inc.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops john.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops list.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops loader.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops logger.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops math.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops memory.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops misc.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops options.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops params.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops path.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops recovery.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops rpp.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops rules.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops signals.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops single.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops status.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops tty.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops wordlist.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops unshadow.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops unafs.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops unique.c
gcc -c -Wall -Wdeclaration-after-statement -O2 -fomit-frame-pointer -DHAVE_CRYPT -funroll-loops c3_fmt.c
gcc -c x86-64.S
gcc DES_fmt.o DES_std.o DES_bs.o DES_bs_b.o BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o BF_std.o AFS_fmt.o LM_fmt.o trip_fmt.o dummy.o batch.o bench.o charset.o common.o compiler.o config.o cracker.o crc32.o external.o formats.o getopt.o idle.o inc.o john.o list.o loader.o logger.o math.o memory.o misc.o options.o params.o path.o recovery.o rpp.o rules.o signals.o single.o status.o tty.o wordlist.o unshadow.o unafs.o unique.o c3_fmt.o x86-64.o -s -lcrypt -o ../run/john
rm -f ../run/unshadow
ln -s john ../run/unshadow
rm -f ../run/unafs
ln -s john ../run/unafs
rm -f ../run/unique
ln -s john ../run/unique
make[1]: 离开目录“/root/john-1.8.0/src”
[root@localhost src]# cd ../run
[root@localhost run]# ls
ascii.chr     john  lm_ascii.chr makechr   relbench  unafs  unshadow
digits.chr   john.conf  mailer   password.lst  shadow.txt  unique
[root@localhost run]# cp /etc/shadow ./shadow.txt
cp：是否覆盖"./shadow.txt"？ y
[root@localhost run]# ./john shadow.txt
Loaded 3 password hashes with 3 different salts (crypt, generic crypt(3) [?/64])
Press 'q' or Ctrl-C to abort, almost any other key for status
123123 (roomx)
123123 (root)

0g 0:00:20:52 3/3 0g/s 242.7p/s 242.7c/s 242.7C/s 020867..022465
0g 0:00:20:54 3/3 0g/s 242.7p/s 242.7c/s 242.7C/s 033289..036936
Session aborted