John the Ripper (John) is a cross-platform password cracker that can be used to regain your lost Linux password. It is a good administrative tool for a multi-user system. The Linux version of John, which also has versions for DOS and Windows, comes as downloadable source code, together with its signature. On Debian-based platforms like Ubuntu, it can be installed directly from the repository with
sudo apt-get install john
Linux passwords are not really stored on the system; a hash of each password is stored in the /etc/shadow file. To run John against this file and see your password or that of the other users of the system, run
sudo john /etc/shadow
When I tried it, it took a few seconds to get the equivalent password of my user name.
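How quickly a cracker such as John recovers a password depends heavily on the hash scheme recorded in the second field of each /etc/shadow line. The following Python script is an added example, not part of the original article or of John itself: it classifies each entry by its crypt(3) prefix so an administrator can spot accounts that need review. The sample lines are constructed, the hash strings are fake, and the names SAMPLE_SHADOW, classify and audit are hypothetical.

```python
# Added example: classify the hash scheme of each /etc/shadow entry.
# SAMPLE_SHADOW is constructed for illustration; the hash strings are fake.
SAMPLE_SHADOW = """\
root:$6$saltsalt$FAKEHASHFAKEHASHFAKEHASH:19000:0:99999:7:::
alice:$y$j9T$fakesalt$FAKEHASHFAKEHASH:19500:0:99999:7:::
bob:$1$fakesalt$FAKEHASHFAKEHASHFAKE12:15000:0:99999:7:::
carol:abJnggxhB/yWI:14000:0:99999:7:::
daemon:*:18000:0:99999:7:::
dave:!$6$saltsalt$FAKEHASHFAKEHASH:19000:0:99999:7:::
guest::19000:0:99999:7:::
"""

# crypt(3) prefix -> (scheme name, flag for review?)
SCHEMES = {
    "1": ("md5crypt", True),
    "2a": ("bcrypt", False), "2b": ("bcrypt", False), "2y": ("bcrypt", False),
    "5": ("sha256crypt", False),
    "6": ("sha512crypt", False),
    "y": ("yescrypt", False),
}

def classify(field):
    """Return (scheme, review) for the second field of a shadow line."""
    if field == "":
        return ("empty password", True)
    if field[0] in "!*":
        # Leading '!' or '*': password login is disabled for this account.
        return ("locked", False)
    if field.startswith("$"):
        ident = field.split("$")[1]
        return SCHEMES.get(ident, ("unknown $%s$" % ident, True))
    if len(field) == 13:
        return ("descrypt", True)  # traditional DES crypt, 8-character limit
    return ("unrecognized", True)

def audit(shadow_text):
    """Map each account name to its (scheme, review) classification."""
    report = {}
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, field = line.split(":")[:2]
        report[name] = classify(field)
    return report

if __name__ == "__main__":
    for name, (scheme, review) in audit(SAMPLE_SHADOW).items():
        print(f"{name:8} {scheme:16} {'REVIEW' if review else 'ok'}")
```

To audit a real system, pass the contents of /etc/shadow (readable only by root) to audit() instead of the sample text.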
When a password is cracked, John keeps it and doesn’t try to crack it again. If you need this password again, the -show flag does the job, i.e.
sudo john /etc/shadow -show
John combines three cracking modes to get your password: first it tries variations of the username, then it uses its internal dictionary, and if these two attempts don’t get anywhere, it goes with a brute-force attack.
John for Linux also has a pro version that is on sale. This version of John the Ripper is made available under the terms of the GNU General Public License.