{"id":2749,"date":"2010-07-16T22:30:30","date_gmt":"2010-07-16T19:30:30","guid":{"rendered":"http:\/\/blog.lifeoverip.net\/?p=2749"},"modified":"2010-09-22T22:31:28","modified_gmt":"2010-09-22T19:31:28","slug":"john-the-ripper-kullanarak-yeni-nesil-linux-parolalarini-kirma","status":"publish","type":"post","link":"http:\/\/blog.lifeoverip.net\/2010\/07\/16\/john-the-ripper-kullanarak-yeni-nesil-linux-parolalarini-kirma\/","title":{"rendered":"John The Ripper Kullanarak Yeni Nesil Linux Parolalar\u0131n\u0131 K\u0131rma"},"content":{"rendered":"<div>\n<p><a href=\"http:\/\/blog.bga.com.tr\/wp-content\/uploads\/2010\/07\/passcrack.jpg\"><img loading=\"lazy\" class=\"alignleft size-full wp-image-105\" title=\"passcrack\" src=\"http:\/\/blog.bga.com.tr\/wp-content\/uploads\/2010\/07\/passcrack.jpg\" alt=\"\" width=\"254\" height=\"139\" \/><\/a>Linux da\u011f\u0131t\u0131mlar\u0131nda sistemdeki kullan\u0131c\u0131lar\u0131n  parolalar\u0131  \/etc\/shadow  dosyas\u0131nda hash+salt \u015feklinde saklan\u0131r.  Salt(tuz) her    seferinde  de\u011fi\u015fken olarak atanan bir de\u011ferdir, bundan dolay\u0131 ayn\u0131  parolay\u0131  iki   kere  girildi\u011finde hash de\u011ferleri farkl\u0131 \u00e7\u0131kacakt\u0131r.<!--more--><\/p>\n<p>Linux sistemlerin parola format\u0131 incelendi\u011finde ilk iki $ aras\u0131ndaki  de\u011fer hangi \u015fifreleme\/hash algoritmas\u0131n\u0131n kullan\u0131ld\u0131\u011f\u0131n\u0131 belirtir. Linux  parola g\u00fcvenli\u011fiyle ilgili detay <a href=\"http:\/\/www.bga.com.tr\/?p=1187\">bilgi i\u00e7in<\/a><\/p>\n<p>3-4 sene \u00f6ncesine kadar \u00e7o\u011fu Linux da\u011f\u0131t\u0131m\u0131nda parolalar\u0131 hashli  saklamak i\u00e7in MD5 kullan\u0131l\u0131rd\u0131. G\u00fcn\u00fcm\u00fczdeki Linux da\u011f\u0131t\u0131mlar\u0131 ise SHA512  ($6$) tercih etmektedir. MD5 kullan\u0131lm\u0131\u015f hashli parolalar\u0131  JohnTheRipper arac\u0131yla k\u0131rmak m\u00fcmk\u00fcnken SHA512 kullan\u0131larak hashlenmis  parolalar\u0131 son s\u00fcr\u00fcm JTR ile k\u0131rmak m\u00fcmk\u00fcn de\u011fil.<\/p>\n<p>JTR kullanarak Linux parolalar\u0131n\u0131n g\u00fcvenli\u011fi denendi\u011finde a\u015fa\u011f\u0131dakine  benzer hata al\u0131nacakt\u0131r.<br \/>\n\u201cNo password hashes loaded\u201d<\/p>\n<p>A\u015fa\u011f\u0131daki ad\u0131mlar g\u00fcn\u00fcm\u00fcz Linuz da\u011f\u0131t\u0131mlar\u0131n\u0131n parolalar\u0131n\u0131 JTR ile  k\u0131rmak i\u00e7in yap\u0131lmas\u0131 gerekenleri i\u00e7ermektedir:<\/p>\n<p><strong>root@seclab:~\/test# wget  http:\/\/www.openwall.com\/john\/g\/john-1.7.5.tar.gz<\/strong><\/p>\n<p><strong>root@seclab:~\/test# tar zxvf john-1.7.5.tar.gz<\/strong><br \/>\n<strong>root@seclab:~\/test# cd john-1.7.5<\/strong><\/p>\n<p>PATCH dosyas\u0131 http:\/\/www.openwall.com\/lists\/john-users\/2009\/09\/02\/3  adresinden indirilerek yeni s\u00fcr\u00fcme uyarlanmal\u0131d\u0131r.<\/p>\n<p><strong>root@seclab:~\/test\/john-1.7.5# patch -p1 -i patch<\/strong><\/p>\n<p>patching file src\/Makefile<br \/>\npatching file src\/crypt_fmt.c<br \/>\npatching file src\/john.c<br \/>\nHunk #2 succeeded at 67 (offset 2 lines).<br \/>\n<strong>root@seclab:~\/test\/john-1.7.5\/src# make linux-x86-any<\/strong><br \/>\n# cd ..\/run\/<br \/>\n<strong>root@seclab:~\/test\/john-1.7.5\/run# ls<\/strong><br \/>\nall.chr  alnum.chr  alpha.chr  digits.chr  john  john.conf  lanman.chr   mailer  password.lst  unafs  unique  unshadow<br \/>\n<strong>root@seclab:~\/test\/john-1.7.5\/run# .\/john \/etc\/shadow<\/strong><\/p>\n<p>Loaded 3 password hashes with 3 different salts (generic crypt(3)  [?\/32])<br \/>\ntoor             (root)<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Linux da\u011f\u0131t\u0131mlar\u0131nda sistemdeki kullan\u0131c\u0131lar\u0131n parolalar\u0131 \/etc\/shadow dosyas\u0131nda hash+salt \u015feklinde saklan\u0131r. Salt(tuz) her seferinde de\u011fi\u015fken olarak atanan bir de\u011ferdir, bundan dolay\u0131 ayn\u0131 parolay\u0131 iki kere girildi\u011finde hash de\u011ferleri farkl\u0131 \u00e7\u0131kacakt\u0131r.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[21,33,39],"tags":[319],"_links":{"self":[{"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/posts\/2749"}],"collection":[{"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/comments?post=2749"}],"version-history":[{"count":1,"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/posts\/2749\/revisions"}],"predecessor-version":[{"id":2750,"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/posts\/2749\/revisions\/2750"}],"wp:attachment":[{"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/media?parent=2749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/categories?post=2749"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.lifeoverip.net\/wp-json\/wp\/v2\/tags?post=2749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}