(If you don’t care and just want to crack passwords, skip to the next headline!)
This post is not about PWK or the subsequent OSCP certificate, but I will give you a brief idea of what PWK is about:
PWK/OSCP is a pentesting training with a certification at the end. Basically, you sign up for an online course and receive video tutorials and a PDF script to get you into the basics of hacking systems (enumeration, exploitation, post-exploitation and so on).
When your course time begins, you get an OpenVPN account that lets you connect to a huge lab network where you can practice and sharpen your skills on a variety of machines and operating systems. You can connect to the lab within minutes using a Kali VM, which comes with all the tools you need.
Do not think it's just the same as downloading metasploitable2 and some other vulnerable machines! It gives you much more complex setups to exploit! (I won't spoil anything here, though.)
When your lab time is over and/or you have exploited all the machines in the lab (50+), you can schedule the OSCP exam and prove that you are a worthy addition to the security/pentesting community :)
This is accompanied by a really great IRC channel with great people: other students and a bunch of admins who are always available to help and set you on the right track!
As I'm just in the middle of the lab time and have not taken the exam yet, I will not go deeper into this topic in this post.
Let me just assure you it absolutely rocks and is worth every cent! I can say that I have learned more Linux/Unix know-how than I learned in the last 2 years on my job!
Now shut up and tell me about john!
During the PWK course it has become second nature for me to obtain password hashes and crack them (mostly with JohnTheRipper, aka john).
Sadly, Kali only comes with a single-threaded (single-core) version of john. If you have a nice quad-core CPU (like in a decent MacBook, for example), this means you are waiting four times longer for your cleartext passwords than you need to!
Here is an easy guide on how to compile the newest build of john with multi-core support:
1. Go to /opt (or any other location you want to put it) and clone the git repository:
cd /opt
git clone https://github.com/magnumripper/JohnTheRipper.git
2. Go to the src directory and edit the “Makefile” file to uncomment the 2 lines for multi-CPU (OpenMP) support:
Remove the # before those two OMPFLAGS lines and save the file (:wq in vi):
# gcc with OpenMP
OMPFLAGS = -fopenmp
# gcc with OpenMP on 32-bit x86 with SSE2
OMPFLAGS = -fopenmp -msse2
3. Build john for i686 and x64 architecture (or any other you might have):
cd JohnTheRipper/src
make linux-x86-64-32-sse2
4. john will be built under ../run and now has the option --fork=x:
cd ../run
./john --fork=4 /root/loot/somehashfile.txt
That's it! Depending on your CPU you will have 2x to $(max cores of your CPU)x the performance when cracking the password hashes you really need to get cracked :)
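The Makefile edit from step 2 can be scripted instead of done by hand in vi, with a check that it actually took effect. This is an added example, not part of the original post or the john project; it assumes the stock Makefile carries the lines as `#OMPFLAGS = ...`, and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Assumption: the untouched Makefile holds the OpenMP lines as "#OMPFLAGS = -fopenmp...".

# Uncomment every "#OMPFLAGS = -fopenmp..." line in the given Makefile.
# Keeps the original as <file>.bak and fails if no OMPFLAGS line ends up active,
# so a Makefile with a different layout is noticed before the build starts.
enable_openmp() {
    mk=$1
    [ -f "$mk" ] || { echo "no such file: $mk" >&2; return 1; }
    cp "$mk" "$mk.bak" || return 1
    sed 's/^#[[:space:]]*\(OMPFLAGS[[:space:]]*=[[:space:]]*-fopenmp\)/\1/' \
        "$mk.bak" > "$mk" || return 1
    grep -q '^OMPFLAGS[[:space:]]*=[[:space:]]*-fopenmp' "$mk"
}

# Value to pass to --fork: number of online CPUs, falling back to 1.
fork_count() {
    n=$(getconf _NPROCESSORS_ONLN 2>/dev/null || nproc 2>/dev/null || echo 1)
    case $n in ''|*[!0-9]*) n=1 ;; esac
    [ "$n" -ge 1 ] || n=1
    echo "$n"
}

# Constructed sample of the relevant Makefile fragment, for a dry run.
sample_makefile() {
    cat <<'EOF'
CC = gcc
# gcc with OpenMP
#OMPFLAGS = -fopenmp
# gcc with OpenMP on 32-bit x86 with SSE2
#OMPFLAGS = -fopenmp -msse2
EOF
}

# Usage with the paths from the steps above:
#   enable_openmp /opt/JohnTheRipper/src/Makefile \
#     && make -C /opt/JohnTheRipper/src linux-x86-64-32-sse2 \
#     && /opt/JohnTheRipper/run/john --fork="$(fork_count)" /root/loot/somehashfile.txt
```

With both lines active, make uses the last assignment, so the effective value is `-fopenmp -msse2`.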