btahound.blogg.se - Downloading windows 10 john the ripper

To begin, we will need to compromise the target and get a Meterpreter session.

Don't Miss: Get Root with Metasploit's Local Exploit Suggester.

In this tutorial, we will obtain the hash of an additional user that has logged onto the system (admin2). The John the Ripper module should work on any version of Windows we can grab the hashes from.

The method of exploitation doesn't matter so much here, as long as you can get a Meterpreter session on the target. We will be using an unpatched version Windows 7 as the target, so if you have a copy lying around, feel free to use it. Metasploit actually contains a little-known module version of JTR that can be used to quickly crack weak passwords, so let's explore it in an attempt to save precious time and effort. It's a powerful piece of software that can be configured and used in many different ways.

There are many password-cracking tools out there, but one of the mainstays has always been John the Ripper.