Cracking Metasploitable2 Root Password Hash

Last Modified: Thu, 10 Jan 2019 15:14:54 +0000 ; Created: Wed, 28 Nov 2018 16:31:52 +0000

Playing with this test VM pulled the root entry in /etc/shadow.

root:$1$/avpfBJ1$x0z8w5UF9Iv./DR9E9Lid.:0:0:root:/root:/bin/bash

Not really required to get root, but I wanted to see if I could find the password. I splun up a cloud server with compute optimization (vCPU dedicated) and ran John the Ripper.

john --fork=2 unshadowedMetasploitable2

2 cores on a Intel(R) Xeon(R) CPU E5-2680 v2 @ 2.80GHz.

Results

Running continous for 3,500 hours (145 days) has not resulted in the password.

The example status line:

1 0g 103:02:08:06 3/3 0g/s 6268p/s 12537c/s 12537C/s aj1ahcal..aj1ahcan
2 0g 103:02:08:06 3/3 0g/s 6268p/s 12537c/s 12537C/s mbunrl#6..mbunrl#@

I don't have any GPU instances because I wanted to test with a low-cost cloud server to see how far it could get with lowest cost.