Hands-On Penetration Testing on Windows

Reviewing your progress with the show flag

Although John shows us plenty of data during the cracking effort, it's nice to know that our results are automatically being saved somewhere so we can review them in a nice clean format. John makes management of large input files a snap by putting aside cracked hashes when we start up John again.

For example, let's say we're working on 25 hashes, and we only have five hours today to crack them, but we can continue tomorrow for several more hours. We can set up our attack and let John run for five hours and then abort with q or Ctrl + C. Suppose we recovered 10 passwords in that time. When we fire up John tomorrow, the 10 passwords are already set aside and John goes to work on the remaining 15.

Instead of having an output file that we would review separately, John is designed to let us review results with the --show flag.

Export this data into an Excel spreadsheet as colon-delimited data, and you have a head start on managing even massive cracking projects. 
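As an added example (not code from the book), the following Python sketch turns `--show` output into a CSV file for a spreadsheet. It assumes passwd-style input lines (login, cracked password, then five more fields) and a summary line of the form "N password hashes cracked, M left"; the sample text and the function names `parse_show`, `safe_cell` and `to_csv` are constructed for illustration.

```python
import csv
import io
import re

# Constructed sample of `john --show` output for a passwd-style input file:
# login:cracked password:uid:gid:gecos:home:shell, then a summary line.
SAMPLE = """\
alice:Summer2019:1001:1001:Alice:/home/alice:/bin/bash
bob:=1+1:1002:1002:Bob:/home/bob:/bin/bash
carol:let:me:in:1003:1003:Carol:/home/carol:/bin/bash

3 password hashes cracked, 22 left
"""

SUMMARY = re.compile(r"^(\d+) password hash(?:es)? cracked, (\d+) left$")


def parse_show(text, trailing_fields=5):
    """Return (rows, cracked, left); rows are (login, password) tuples.

    trailing_fields is the number of input fields after the password
    (5 for passwd-style lines, 0 for bare login:hash files). Splitting
    from the right keeps passwords that themselves contain ':' intact.
    """
    rows, cracked, left = [], None, None
    for line in text.splitlines():
        m = SUMMARY.match(line.strip())
        if m:
            cracked, left = int(m.group(1)), int(m.group(2))
        elif ":" in line:
            login, rest = line.split(":", 1)
            rows.append((login, rest.rsplit(":", trailing_fields)[0]))
    return rows, cracked, left


def safe_cell(value):
    """Prefix values a spreadsheet would evaluate as a formula."""
    return "'" + value if value[:1] in ("=", "+", "-", "@") else value


def to_csv(rows):
    """Render rows as CSV text that is safe to open in Excel."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(["login", "password"])
    writer.writerows([safe_cell(l), safe_cell(p)] for l, p in rows)
    return buf.getvalue()


if __name__ == "__main__":
    rows, cracked, left = parse_show(SAMPLE)
    print(to_csv(rows), f"{cracked} cracked, {left} left", sep="")
```

Recovered passwords are untrusted text: one that begins with `=`, `+`, `-` or `@` would be evaluated as a formula when the sheet is opened, which is why `safe_cell` prefixes it with an apostrophe.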

As a proper treatment of password cracking could be an entire book on its own, we aren't finished with the topic here. We'll look at raiding compromised hosts for hashes in Chapter 15, Escalating Privileges, so we'll revisit cracking against large inputs.