很多时候拿到SHELL后有权限拿到/etc/passwd和/etc/shadown文件,这样有一定几率能破解系统帐户!

Debian/Ubuntu

1
$ sudo apt-get install john

CentOS/RHEL/Fedora/ReadHat
(Download Link)[http://dag.wieers.com/rpm/packages/john/]

1
$ rpm -ivh john*

Crack Passwd

1
$ unshadown /etc/passwd /etc/shadown > /tmp/crack.passwd.db

Crack

1
$ john /tmp/crack.passwd.db

Show

1
$ john -show /tmp/crack.passwd.db