Hashing Linux Passwords
#1
I am missing something simple, but I am not sure what.  Here is what I have done so far.

made a copy of the /etc/passwd and /etc/shadow then typed:

unshadow passwd shadow > linux.txt
hashcat -m0 -a0 linux.txt dictionaryfile.txt

My hashfile looks like this:
harold:xxxhashxxx:501:501::/home/harold:/bin/bash

I am getting the error: Token length exception.  I have tried removing everything out of the linux.txt except for the hash itself.  But it still won't load the hashes.

Is my hashtype and hashfile formatted correctly?
Reply
#2
Nevermind I found it.

-m 500
Reply
#3
hashcat can't parse the entire /etc/shadow format with all fields.

hashcat expects either a list of raw hashes (or, when using --username, user:hash pairs)

Just trim off the first two fields (cut -d: -f1-2)


[Edit: my bad; @philsmd points out that hashcat will parse a full /etc/shadow.]
~
Reply
#4
Thank you.
Reply