Cracking Metasploitable2 Root Password Hash

Last Modified: Tue, 12 Mar 2019 16:25:39 +0000 ; Created: Wed, 28 Nov 2018 16:31:52 +0000

Playing with this test VM pulled the root entry in /etc/shadow.


Not really required to get root, but I wanted to see if I could find the password. I spun up a cloud server with compute optimization (vCPU dedicated) and ran John the Ripper.

john --fork=2 unshadowedMetasploitable2

2 cores on a Intel(R) Xeon(R) CPU E5-2680 v2 @ 2.80GHz.


Running continous for 4,964 hours (206 days) has not resulted in the password.

The example status line:

1 0g 103:02:08:06 3/3 0g/s 6268p/s 12537c/s 12537C/s aj1ahcal..aj1ahcan
2 0g 103:02:08:06 3/3 0g/s 6268p/s 12537c/s 12537C/s mbunrl#6..mbunrl#@

I don't have any GPU instances because I wanted to test with a low-cost cloud server to see how far it could get with lowest cost.