module
Password Cracker: Linux
| Disclosed |
|---|
| N/A |
Disclosed
N/A
Description
This module uses John the Ripper or Hashcat to identify weak passwords that have been
acquired from unshadowed passwd files from Unix/Linux systems. The module will only crack
MD5, BSDi and DES implementations by default. However, it can also crack
Blowfish and SHA(256/512), but it is much slower.
MD5 is format 500 in hashcat.
DES is format 1500 in hashcat.
BSDI is format 12400 in hashcat.
BLOWFISH is format 3200 in hashcat.
SHA256 is format 7400 in hashcat.
SHA512 is format 1800 in hashcat.
acquired from unshadowed passwd files from Unix/Linux systems. The module will only crack
MD5, BSDi and DES implementations by default. However, it can also crack
Blowfish and SHA(256/512), but it is much slower.
MD5 is format 500 in hashcat.
DES is format 1500 in hashcat.
BSDI is format 12400 in hashcat.
BLOWFISH is format 3200 in hashcat.
SHA256 is format 7400 in hashcat.
SHA512 is format 1800 in hashcat.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.