decrypting htpasswd

Mulley, Nikhil mnikhil at
Thu Jan 27 05:18:51 UTC 2005

Thanks Steve.. for getting me..
Rather, what I wanted was: what kinda format of the passwd file does John expect?
Ok, as you said... "it would probably be prudent to read it", I will do that.. :)


> -----Original Message-----
> From: redhat-list-bounces at
> [mailto:redhat-list-bounces at]On Behalf Of Steve Phillips
> Sent: Tuesday, January 25, 2005 1:15 AM
> To: General Red Hat Linux discussion list
> Subject: Re: decrypting htpasswd
> On Mon, 24 Jan 2005, Benjamin J. Weiss wrote:
> > Mulley, Nikhil wrote:
> >
> >> [I am not talking about cracking..] This is however to say that I ensure my
> >> security and warn others about their security as well..
> >> as earlier said ..the password file has two fields...
> >> Username:Password
> >> the password is in DES (hashed) encryption format..
> >> so I think there is a way to Rip it with John...
> >>
> > 1) If you intentionally acquired this file without the permission of the
> > server's owner, you have violated federal law.
> > 2) If you accidentally acquired this file and then attempt to crack the
> > password, you have violated federal law.
>
> Except that the world is not the USA and there are still many countries
> where this is entirely legal, or does not fall under "federal" law. While
> his originating IP appears to be in California, he may actually be on the
> other side of the world.
>
> Morally your arguments hold up but claiming this on an international
> mailing list is a little silly.
>
> > If you truly came upon this file accidentally and you want to warn the owners
> > about their security, simply give them a copy of the file you captured and
> > then delete it.
> >
> > I work for a state law-enforcement agency.  If you wish assistance in
> > contacting the server owners, please contact me off-list.
>
> There are actually rather legitimate reasons for wanting to crack a
> password file. This may be the only record of a password used by a
> previous employee who has locked other records with the same password but
> the hash is in a more secure form *shrug* who knows.
>
> To answer the original question - generally John the Ripper requires the
> password files to be in a specific format (when I last used it it was unix
> password file format) which means that you may need to move the hash into
> a pseudo password type file and tell John the Ripper to try cracking it.
> The information you require is all in the John the Ripper documentation,
> it would probably be prudent to read it.
>
> It would also be a good idea to get a dictionary list together (google if
> you don't have one) which john can use against the hash which may speed
> things up significantly if the password is based on a dictionary word.
> Otherwise be prepared for a long wait, typically an 8 character DES
> encrypted password with numbers, punctuation and upper/lower case letters
> will take around 3-6 months to crack (higher end PCs obviously will do
> this slightly faster)
>
> HTH,
> -- 
> Steve.
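Added example, not part of the original thread: a defender-side audit of the `Username:Password` htpasswd layout described above. It classifies each entry by hash scheme and flags the ones an administrator should re-hash. The names `classify`, `audit` and `SAMPLE`, the severity labels, and the sample entries are constructed for illustration.

```python
import re

# Traditional crypt(3) DES output: 2 salt chars + 11 hash chars from [./0-9A-Za-z].
# A 13-char plaintext from the same alphabet would match too, so treat the
# result as a triage hint, not proof.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

def classify(hash_field):
    """Return (scheme, severity) for the hash field of one htpasswd entry."""
    if hash_field.startswith(("$2y$", "$2a$", "$2b$")):
        return "bcrypt", "ok"
    if hash_field.startswith("$apr1$"):
        return "apr1-md5", "legacy"          # salted, fixed low iteration count
    if hash_field.startswith("{SHA}"):
        return "sha1-unsalted", "weak"       # no salt at all
    if DES_CRYPT.fullmatch(hash_field):
        return "des-crypt", "weak"           # only the first 8 password chars count
    return "plaintext-or-unknown", "review"

def audit(text):
    """Return [(line_no, user, scheme, severity)] for an htpasswd file's text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, sep, hash_field = line.partition(":")  # split on first colon only
        if not sep or not user:
            findings.append((lineno, None, "malformed", "error"))
            continue
        findings.append((lineno, user, *classify(hash_field)))
    return findings

# Constructed entries, not real credentials or real hashes.
SAMPLE = """\
# constructed sample
alice:abCdEfGhIjKlM
bob:$apr1$CONSTRUC$placeholderplaceholder
carol:$2y$10$constructedplaceholderconstructedplaceholder
dave:{SHA}constructedplaceholder=
erin
"""

if __name__ == "__main__":
    for lineno, user, scheme, severity in audit(SAMPLE):
        print(f"line {lineno}: {user!r:10} {scheme:22} {severity}")
```

Entries reported as `weak` or `legacy` can be re-created with a stronger scheme the next time the user's password is set.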