nerdexam
ExamsGCIHQuestions#770
GIAC

GCIH · Question #770

GCIH Question #770: Real Exam Question with Answer & Explanation

The correct answer is C: unshadow. John the Ripper includes the 'unshadow' utility to merge /etc/passwd and /etc/shadow into a single file suitable for password cracking.

Vulnerability Exploitation & Privilege Escalation

Question

Which of the following programs is used by John the Ripper to merge the /etc/passwd and /etc/shadow files?

Options

  • Acombine
  • Bpwdump
  • Cunshadow
  • Dcat
  • Emerge

Explanation

John the Ripper includes the 'unshadow' utility to merge /etc/passwd and /etc/shadow into a single file suitable for password cracking.

Common mistakes.

  • A. 'combine' is not a utility included with John the Ripper or a standard Linux tool for merging password files.
  • B. 'pwdump' is a Windows-based tool for extracting NTLM password hashes from the SAM database, not a Linux shadow file merger.
  • D. 'cat' could technically concatenate files but does not produce the correctly formatted output required by John the Ripper for shadow file cracking.
  • E. 'merge' is not a recognized utility in the John the Ripper suite or a standard Linux command for this purpose.

Concept tested. John the Ripper unshadow utility for password cracking

Reference. https://www.openwall.com/john/doc/

Topics

#John the Ripper#unshadow#passwd shadow merge#password cracking

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIH Practice