Cracking SSH Private key passphrase
Using John the Ripper!
Step 1:
Copy the SSH private key you want to crack into your working directory.
cp ~/.ssh/id_rsa id_rsa
Step 2:
To brute-force the passphrase with john, the key first has to be converted into a hash format john understands. For this we use ssh2john.py, which comes pre-installed in Kali Linux. You can find it with the locate command and copy it to your current working directory.
updatedb    # updatedb creates or updates the database used by locate(1)
locate ssh2john.py
cp $(locate ssh2john.py) .
Step 3:
Next, create a hash file from the id_rsa file so that john can work on it.
python ssh2john.py id_rsa > id_rsa.hash
Step 4:
To run the brute force you need a wordlist. You can try the rockyou wordlist that is pre-installed in Kali Linux.
locate rockyou.txt.gz
cp $(locate rockyou.txt.gz) .
Unzip the file:
gunzip rockyou.txt.gz
Step 5:
Finally, run john against the hash with rockyou.txt to recover the passphrase.
john id_rsa.hash --wordlist=rockyou.txt
Good Luck cracking it!
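Added example, not part of the original post or of the John the Ripper project: the steps above only work quickly when a key has no passphrase or uses the legacy PEM format, whose key derivation is a single MD5 pass, so the defender-side check is to audit your keys for exactly that. The script parses only the header of each key (the OpenSSH "openssh-key-v1" layout, or the Proc-Type/DEK-Info lines of a legacy PEM key); the sample keys are constructed with dummy bodies, and the 16-round threshold in verdict() is this example's own assumption.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # leading magic of the OpenSSH private key format

def _read_string(buf, off):
    """Read one SSH 'string' (uint32 big-endian length + bytes) at offset."""
    (n,) = struct.unpack_from(">I", buf, off)
    return buf[off + 4:off + 4 + n], off + 4 + n

def audit_ssh_key(pem_text):
    """Report format, encryption status, cipher, KDF and KDF rounds of a key.
    Only the header is parsed; the private key material is never decoded."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    if lines[0] == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(MAGIC):
            raise ValueError("not an openssh-key-v1 blob")
        cipher, off = _read_string(blob, len(MAGIC))
        kdf, off = _read_string(blob, off)
        kdfopts, _ = _read_string(blob, off)
        rounds = None
        if kdf == b"bcrypt":  # kdfoptions = string salt, uint32 rounds
            _salt, o = _read_string(kdfopts, 0)
            (rounds,) = struct.unpack_from(">I", kdfopts, o)
        return {"format": "openssh-v1", "encrypted": cipher != b"none",
                "cipher": cipher.decode(), "kdf": kdf.decode(), "rounds": rounds}
    # Legacy PEM: encrypted only with Proc-Type/DEK-Info headers; KDF is one MD5 pass
    encrypted = any(ln.startswith("Proc-Type: 4,ENCRYPTED") for ln in lines)
    dek = next((ln.split(":", 1)[1].strip() for ln in lines if ln.startswith("DEK-Info:")), "none")
    return {"format": "legacy-pem", "encrypted": encrypted,
            "cipher": dek.split(",")[0], "kdf": "md5" if encrypted else "none",
            "rounds": 1 if encrypted else None}

def verdict(info):
    """Risk rating; the 16-round threshold is this example's own assumption."""
    if not info["encrypted"]:
        return "UNPROTECTED"
    if info["kdf"] != "bcrypt":
        return "WEAK-KDF"
    return "OK" if info["rounds"] >= 16 else "LOW-ROUNDS"

def build_sample_openssh_key(cipher, kdf, rounds=16):
    """Constructed sample key: real header layout, dummy public/private bodies."""
    s = lambda b: struct.pack(">I", len(b)) + b
    opts = s(b"\x00" * 16) + struct.pack(">I", rounds) if kdf == "bcrypt" else b""
    blob = (MAGIC + s(cipher.encode()) + s(kdf.encode()) + s(opts)
            + struct.pack(">I", 1) + s(b"dummy-public") + s(b"dummy-private"))
    b64 = base64.b64encode(blob).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{b64}\n-----END OPENSSH PRIVATE KEY-----\n"
```

Run audit_ssh_key() over every id_* file in your .ssh directories; anything rated UNPROTECTED or WEAK-KDF should be re-encrypted with ssh-keygen -p -o -a <rounds>.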