How to Crack a Linux Password Now, let's crack a Linux password. In Linux, there are two important files saved in the /etc folder: passwd and shadow.
/etc/passwd -> stores information like username, user id, login shell, and so on.
/etc/shadow -> contains password hash, password expiry, and so on.
In addition to the “john” command, John comes with a few other utilities. One of them is called “unshadow”.
The unshadow command combines the passwd and shadow files together into a single file. This can then be used by John to crack passwords.
Here is how we use the unshadow command:
$ unshadow /etc/passwd /etc/shadow > output.db
This command will combine the files together and create an output.db file. We can now crack the output.db file using John.
$ john output.db John tries to find the password for all the users in the passwd file and generates the output with the list of cracked passwords. Again, you can use custom wordlists via the — — wordlist flag.