Cracking Metasploitable2 Root Password Hash

Last Modified: Thu, 06 Jun 2019 13:05:25 +0000 ; Created: Wed, 28 Nov 2018 16:31:52 +0000

Playing with this test VM pulled the root entry in /etc/shadow.

root:$1$/avpfBJ1$x0z8w5UF9Iv./DR9E9Lid.:0:0:root:/root:/bin/bash

Not really required to get root, but I wanted to see if I could find the password. I spun up a cloud server with compute optimization (vCPU dedicated) and ran John the Ripper.

john --fork=2 unshadowedMetasploitable2

2 cores on a Intel(R) Xeon(R) CPU E5-2680 v2 @ 2.80GHz.

Results

Update

The cloud server has failed due to the underlying storage infrastructure hosting it going down. I've updated this page with some final stats.

Running continous for 276 days has not resulted in the password. Started on September 3, 2018.

The example status line:

1 0g 103:02:08:06 3/3 0g/s 6268p/s 12537c/s 12537C/s aj1ahcal..aj1ahcan
2 0g 103:02:08:06 3/3 0g/s 6268p/s 12537c/s 12537C/s mbunrl#6..mbunrl#@

Last status:

1 0g 276:05:15:48 3/3 0g/s 6267p/s 12535c/s 12535C/s papopuraglo..papopuraglu

I don't have any GPU instances because I wanted to test with a low-cost cloud server to see how far it could get with lowest cost.