First we will talk about my friend Johnny. Johnny is a GUI frontend for my other friend John. For most password cracking tasks, this is an easy way to use Johnny. It uses the normal defaults for most password cracking sessions. Once you have captured some hashes, save them to a text file and open Johnny. As shown in the following image, Johnny can be found under Applications | 05 – Password Attacks | johnny:
Getting to Johnny in Kali 2.x is simpler. See the following image:
We are using the password hashes from a previous exploit earlier in the book, where we were passing the hash. We have shortened the list to only include the hashes of the two accounts that we think have critical access to the networked systems:
Once Johnny is open, click on the Open Passwd File button and pick the text file where you have saved the user's hash values. This will load the file into Johnny.
The following image is your first view of Johnny's interface. Very simple, and powerful:
We know these hashes come from a Windows 7 system. With Windows 7, LM hashes are no longer used by default, so we must change the default LM hash cracking. You will get the following error in the Output tab if this is not changed:
Click on the Options tab and change the Auto Detect to nt2 as follows:
Now click the Passwords tab and then click the Start Attack button; this will begin the cracking process. You can see the process in the bottom tab on the screen:
Note that it now shows the format as nt2 and is running. Have a cup of coffee. This might take a while.
Also note, we have a Pause Attack button. If needed you can pause the attack.
As with a lot of open source applications, sometimes they have quirks. Johnny is no different. Sometimes when doing a cracking run, the process will run and crack the passwords but they will not show in the GUI window. If the Pause Attack button has grayed out and only the Start button can be clicked, the run has completed and the passwords have been cracked. You can find the cracking information by clicking on the Options button. This page will also show you the length of time it took to run and the passwords cracked. This the best page to get all the results of the run.
You can see in the next image that it took 7 hours and 18 minutes to crack two passwords with six and seven characters and using complexity of upper and lower case letters, numbers, and special characters:
