Check your server for weak passwords
We can use the unshadow and john commands to check a server for accounts whose current passwords are weak enough to be guessed.
John cracking modes
John can work in the following modes:
Wordlist : John simply reads a text file with one candidate word per line and checks each one against the password hashes. Word-mangling rules can be applied to the list; see RULES in John's documentation for the rule syntax.
Single crack : In this mode, John derives candidates from each account's own login name and GECOS (full name, etc.) fields, so passwords such as the username itself are found within seconds.
Incremental : This is the most powerful mode. John tries all possible character combinations, so it will eventually find any password but may run practically forever against strong ones. Details about these modes can be found in the MODES file in John's documentation, including how to define your own cracking methods.
Steps to install John the Ripper Password Cracking Tool
John the Ripper is not installed by default. If you are using Debian / Ubuntu Linux, enter (as root or with sudo):
===============
apt-get install john
==============
If you are using a RHEL, CentOS, Fedora or Red Hat Linux server, john is also available from the EPEL repository (yum install john once EPEL is enabled), or you can download the rpm files from the link below.
=================
http://dag.wieers.com/rpm/packages/john/
=================
Once downloaded use rpm command:
=================
rpm -ivh john*
=================
Steps for checking the weak passwords in a server.
First use the unshadow command to combine the /etc/passwd and /etc/shadow files so John can use them. /etc/shadow is readable only by root, so run this as root. Note that the output file contains every account's password hash: keep it owner-readable only (set umask 077 first or chmod 600 it afterwards) and delete it when you are done, rather than leaving it lying around in /tmp.
In Debian server, please run the command below.
========================
/usr/sbin/unshadow /etc/passwd /etc/shadow > /tmp/crack.password.db
========================
In Centos server, please run the command below.
========================
/usr/bin/unshadow /etc/passwd /etc/shadow > /tmp/crack.password.db
========================
To use John, you just need to supply it the password file created with the unshadow command, along with any desired options. If no mode is specified, john will try "single" first, then "wordlist" (with its default word list) and finally "incremental" password cracking methods.
==============
john /tmp/crack.password.db
=============
For Example.
======================
john /tmp/crack.password.db
Loaded 1 password (FreeBSD MD5 [32/32])
======================
Please note that this procedure can take a very long time: the final incremental stage never really finishes on its own, so interrupt it with Ctrl-C once it has run as long as you are willing to wait (progress is saved and can be resumed with john --restore).
To see the cracked passwords so far (this works while john is still running), enter:
====================
john --show /tmp/crack.password.db
Shashi:123456:1002:1002:test,,,:/home/Shashi:/bin/bash
Biju:abc123:1003:1003::/home/Biju:/usr/bin/rssh
2 passwords cracked, 1 left
=====================
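The whole procedure above, as an added example that is not part of the original post or of John the Ripper itself: a POSIX shell script that reproduces the unshadow merge with awk (so you can see exactly what the merged file looks like), triages the merged hashes before cracking (an empty password field is a finding in its own right, locked accounts are noise John cannot crack, and the $1$/$5$/$6$/$y$ prefix tells you which hash type you are up against and therefore how slow the run will be), and then calls john only if it is installed. The passwd and shadow lines are constructed sample data with placeholder hash strings, and the helper names (unshadow_sh, classify_hash, triage, count_crackable, mk_samples) are assumptions of this example, not John's.

```shell
#!/bin/sh
# Added example, not from the original post or from John the Ripper.
# Reproduces the unshadow merge with awk, triages the hash types, and runs
# john only if it is installed. All sample data below is constructed.
set -eu

# Same merge unshadow performs: take the password field (field 2) from
# shadow and substitute it for the 'x' in the matching passwd line.
# Usage: unshadow_sh /etc/passwd /etc/shadow > crack.password.db
unshadow_sh() {
    awk -F: 'NR == FNR { hash[$1] = $2; next }     # first file: shadow
             $1 in hash { $2 = hash[$1] }          # second file: passwd
             { print }' OFS=: "$2" "$1"
}

# Classify one password field by its crypt(3) prefix. EMPTY and LOCKED are
# worth reporting on their own: john cannot crack them, but an empty field
# means the account has no password at all.
classify_hash() {
    case "$1" in
        "")       echo EMPTY ;;
        \!*|\**)  echo LOCKED ;;
        \$1\$*)   echo md5crypt ;;      # the "FreeBSD MD5" format shown above
        \$5\$*)   echo sha256crypt ;;
        \$6\$*)   echo sha512crypt ;;
        \$y\$*)   echo yescrypt ;;
        \$2*)     echo bcrypt ;;
        *)        echo OTHER ;;
    esac
}

# Print "user hashtype" for every line of an unshadowed file.
triage() {
    while IFS=: read -r user hash rest; do
        printf '%s %s\n' "$user" "$(classify_hash "$hash")"
    done < "$1"
}

# Number of accounts john actually has something to work on.
count_crackable() {
    triage "$1" | awk '$2 != "EMPTY" && $2 != "LOCKED"' | wc -l | tr -d ' '
}

# Constructed passwd/shadow pair (not a real system). Hash values are
# placeholders with a valid prefix and salt shape, not real hashes.
mk_samples() {
    dir=$(mktemp -d)
    cat > "$dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
Shashi:x:1002:1002:test,,,:/home/Shashi:/bin/bash
Biju:x:1003:1003::/home/Biju:/usr/bin/rssh
svc:x:1004:1004::/var/lib/svc:/sbin/nologin
EOF
    cat > "$dir/shadow" <<'EOF'
root:$6$saltsalt$PLACEHOLDERHASH:19000:0:99999:7:::
Shashi:$1$abcdefgh$PLACEHOLDERHASH:19000:0:99999:7:::
Biju::19000:0:99999:7:::
svc:!:19000::::::
EOF
    echo "$dir"
}

main() {
    umask 077                          # the merged file holds hashes: owner-readable only
    dir=$(mk_samples)                  # on a real host: /etc/passwd and /etc/shadow, as root
    db="$dir/crack.password.db"
    unshadow_sh "$dir/passwd" "$dir/shadow" > "$db"
    triage "$db"
    echo "crackable: $(count_crackable "$db")"
    if command -v john >/dev/null 2>&1; then
        # --single finishes quickly; drop it for the default single/wordlist/incremental run
        john --single "$db" || echo "john exited with status $?" >&2
        john --show "$db"
    else
        echo "john not installed; merged file left at $db" >&2
    fi
}

main "$@"
```

On the constructed sample the triage reports root as sha512crypt, Shashi as md5crypt, Biju as EMPTY and svc as LOCKED, so only two of the four accounts are handed to john, and the empty field on Biju is reported immediately without any cracking at all. On a real host, replace mk_samples with the actual /etc/passwd and /etc/shadow paths and run the script as root.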
Try it from your end and Enjoy....