Tuesday, 8 September 2009

Experiment 3 on Cracking ZIP File and Ubuntu User Account

Below is my email contents I sent to my colleagues on 17 February 2009 regarding with my experiments on how to crack zip file and user account on Ubuntu machine. At that time, it was perfomed in order to refresh my mind from stuck on assignments.

It's a long time for me not to share the experiments because too many assignments I've got in this semester (I've ever calculated the number of words for all essays, it is 17,000 words, almost reaches the limit of dissertation which is 20,000 words, wow!!!), so that I almost can not allocate my free time for doing my hobby, i.e. carrying out linux ubuntu experiments.

When I woke up this morning up to now, I don't know what happened to me, I feel so bored and bad moody, then I think there must be something lost from me. After watching Tom and Jerry on YouTube, I found that I really miss to do my experiments on ubuntu, so I decided to perform 'UBUNTU HACKING' to wake me up. Hopefully this makes me to be cheerful again.

There are two experiments related to the title above. the first one is 'how to crack zip archives on ubuntu' and the second is 'how to crack the user account of ubuntu'.

For the first experiment, I installed fcrackzip on my experimental machine (I love this machine because it is so powerful, although it only has Pentium 4 with 2 GHz. It had ever fallen down twice from the table, but it's still okay), then I created some files into one archive with password protected. I run the following command :

fcrackzip -v -b filename.zip

Notations : -v for verbose, -b for brute force attack. This command takes time, then I changed the command to be :

fcrackzip -v -b -l 4 filename.zip

Notation : -l 4 for length of password with minimum 4 characters. This command only takes about 3 minutes to recover the password. Actually we can speed up the recovery process by by giving character set specification such as
-c a : for all lowercase characters
-c A : for all uppercase characters
-c 1 : for all digits
-c ! : for all strange symbols

When I add this specification into the following command :

fcrackzip -v -b -l 4 -c a filename.zip

It's so wonderful !. It takes approximately only one second ! to recover the password.

For the second experiment, I installed john which is known as John The Ripper. This famous tool is so powerful although it takes time for processing and making a cracked password file from ubuntu.

I run the following command :
sudo /usr/sbin/unshadow /etc/passwd /etc/shadow > /tmp/crack.password.db

Notations : unshadow command makes passwd and shadow becomes available for john. These files are needed by john in order to run the 'single crack' mode.

After that, I performed this command :
john /tmp/crack.password.db

This command is used to check the weak passwords. It takes a long time approximately 40 minutes on my machine with only one username, then I run the command :

john -show /tmp/crack.password.db

This command is used to see the cracked password. The result is I can obtain the username and password running on my machine. Wow !!!

That's all my sharing experiments at this time. Hopefully it could be useful in positive meaning.
From the experiments above, we can see that john is a powerful tool to reveal user account password on Ubuntu and fcrackzip for password recovery of a zip file. Both run under Ubuntu OS. These tools are essential for forensic investigators when dealing with suspected zip files and locked user account, so that they could obtain important information as they wish. On the other hands, these tools could be dangerous once it is used by hackers to steal confidential information belonging to someone else. Positive or negative purpose of these tools depends on the users; therefore please use it to suppport investigation.

2 comments:

  1. I like the music. I often download hundreds tracks from the Internet,but yesterday I couldn't listen a track inside zip archive. I was bitterly disappeared,but fortunately my friend is a DJ and advised me - compressed file corrupted zip. I tried this tool and it astonihed me. Because the software restored my track very fast and without money as far as I remember. Moreover my friend was quite right with regard to the tool.

    ReplyDelete
  2. Oh!!! Great and it works fine!!!!

    Thank you very much!!!!

    ReplyDelete