The first time I used this tool, I was amazed because it got my root and user passwords easily (they weren’t that strong, though).
About John the Ripper
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.
Installing John the Ripper:
It’s available in the official repos, assuming you are using a DEB-based distro:
Using John the Ripper:
The name was the thing I fell in love with most 😀 It actually rips. After installation, please run this
to get everything set and it should output something similar to
Now let’s get things ready by creating the test account we need:
- Create a user with the username test
- Assign a password to it; here I am giving it the password “password”
- Once this is done, Linux stores the hashed user passwords in /etc/shadow. Check this by printing the test entry from that file; it returns a single line holding the username and the password hash
- Before we go on to test how strong this password is: John works with files, that is, a file with the hashed password inside, so copy the returned line and place it in a file
- Now let’s give John a job by directing it to crack the password in the test_pass file. After some minutes, it returns output in which the line password        (test) shows that the password was cracked so easily 🙂
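What the copied /etc/shadow line contains, as an added example that is not part of the original post: this Python code splits an entry into its fields and names the crypt(3) scheme from the `$id$` prefix, which determines the hash type John has to work on. The sample entries and salts are constructed, and the hash bodies are filler.

```python
from typing import NamedTuple, Optional

# crypt(3) scheme ids found between the first two '$' of the hash field
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
           "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}

class ShadowEntry(NamedTuple):
    user: str
    scheme: str           # hash type a cracker has to attack
    salt: Optional[str]   # extracted for md5crypt/sha256crypt/sha512crypt only
    locked: bool          # '!' or '*' prefix: password login disabled

def parse_shadow_line(line: str) -> ShadowEntry:
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError("a shadow entry has 9 colon-separated fields")
    user, pw = fields[0], fields[1]
    locked = pw.startswith(("!", "*"))
    body = pw.lstrip("!")
    if not body.startswith("$"):
        # '*', an empty field, or a legacy 13-character DES hash
        scheme = "descrypt" if len(body) == 13 else "none"
        return ShadowEntry(user, scheme, None, locked)
    parts = body.split("$")   # ['', id, salt-or-params, ...]
    if len(parts) < 4:
        raise ValueError("truncated hash field")
    salt = None
    if parts[1] in ("1", "5", "6"):
        # sha256crypt/sha512crypt may put 'rounds=N' before the salt
        salt = parts[3] if parts[2].startswith("rounds=") else parts[2]
    return ShadowEntry(user, SCHEMES.get(parts[1], "unknown"), salt, locked)

# Constructed sample entries; the hash bodies are filler, not real hashes.
SAMPLE = "test:$6$Qx7bR2aL$" + "A" * 86 + ":18500:0:99999:7:::"
SAMPLE_ROUNDS = "svc:$5$rounds=10000$Nc4pZ1$" + "B" * 43 + ":18500:0:99999:7:::"
SAMPLE_LOCKED = "daemon:*:18500:0:99999:7:::"

if __name__ == "__main__":
    for entry in (SAMPLE, SAMPLE_ROUNDS, SAMPLE_LOCKED):
        print(parse_shadow_line(entry))
```

An entry that reports md5crypt or descrypt is worth rehashing with a stronger scheme regardless of how good the password is.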
John might take minutes, hours, days or even weeks to crack a password, depending on how strong it is. Apart from user passwords, John can also crack standalone hashes, but they must be in a text file and in this format
Summary:
For me, John is a cool tool for testing how strong your password is. Weak passwords, like the one we used as an example here, are cracked within minutes, but strong ones might take hours and might not yield a result.
Read more on Docs
John the Ripper is an open source and very efficient password cracker by Openwall. It was originally built for Unix but is now available for fifteen different platforms, including Windows, DOS, BeOS, OpenVMS and Unix-like operating systems. It is an open source tool and is free, though a premium version also exists. Initially, its primary purpose was to detect weak password configurations in Unix-based operating systems. Today it supports cracking of hundreds of hashes and ciphers.
Installation
John the Ripper can be installed in many ways. Two common ones are apt-get and snap. Open up the terminal and run the following commands.
This will initiate the installation process. Once it finishes, type ‘john’ in the terminal.
ubuntu@mypc:~$ john
John the Ripper 1.9.0-jumbo-1 OMP [linux-gnu 64-bit 64 AVX2 AC]
Copyright (c)1996-2019 by Solar Designer and others
Homepage: http://www.openwall.com/john/
This means John the Ripper v1.9.0 is now installed on your device. The homepage URL points to Openwall’s website, and the usage text printed below it indicates how to use the utility.
It can also be downloaded and installed via snap. You need to install snap if you do not already have it.
ubuntu@mypc:~$ sudo apt update
ubuntu@mypc:~$ sudo apt install snapd
And then install JohnTheRipper via snap.
Cracking Passwords with JohnTheRipper
So, JohnTheRipper is installed on your computer. Now to the interesting part: how to crack passwords with it. Type ‘john’ in the terminal. The terminal will show you the following result:
ubuntu@mypc:~$ john
John the Ripper 1.9.0-jumbo-1 OMP [linux-gnu 64-bit 64 AVX2 AC]
Copyright (c)1996-2019 by Solar Designer and others
Homepage: http://www.openwall.com/john/
Below the Homepage, USAGE is given as:
Usage: john [OPTIONS][PASSWORD-FILES]
Looking at the usage line, we can see that you just need to supply your password file(s) and the desired option(s). The OPTIONS listed below the usage line give different choices as to how the attack can be carried out.
Some of the different options available are:
--single
- “single crack” mode, the default, using default or named rules.
--wordlist
- wordlist mode, read wordlist dictionary from a FILE or standard input.
--encoding
- input encoding (e.g. UTF-8, ISO-8859-1).
--rules
- enable word mangling rules, using default or named rules.
--incremental
- “incremental” mode.
--external
- external mode or word filter.
--restore=NAME
- restore an interrupted session [called NAME].
--session=NAME
- name a new session NAME.
--status=NAME
- print status of a session [called NAME].
--show
- show cracked passwords.
--test
- run tests and benchmarks.
--salts
- load salts.
--fork=N
- create N processes for cracking.
--pot=NAME
- pot file to use.
--list=WHAT
- list WHAT capabilities. --list=help shows more on this option.
--format=NAME
- provide John with the hash type, e.g. --format=raw-MD5, --format=SHA512
Different modes in JohnTheRipper
By default, John tries “single” mode, then “wordlist” mode and finally “incremental” mode. A mode is a method John uses to crack passwords. You may have heard of different kinds of attacks, such as dictionary and brute-force attacks; these are precisely what John calls modes. Wordlists containing possible passwords are essential for a dictionary attack. Apart from the modes listed above, John also supports another mode called external mode. You can select a dictionary file, or you can brute-force with John the Ripper by trying all possible permutations of the password. The default configuration starts with single crack mode, mostly because it is faster, and faster still if you use multiple password files at a time. The most powerful mode available is incremental mode, which tries different combinations while cracking. External mode, as the name implies, uses custom functions that you write yourself, while wordlist mode takes a word list specified as an argument to the option and tries a simple dictionary attack on the passwords.
John will now start checking against thousands of passwords. Password cracking is CPU-intensive and a very long process, so the time it takes will depend on your system and the strength of the password. It can take days. If the password is not cracked for days with a powerful CPU, it is a very good password. If it is really crucial to crack the password, then leave the system running until John cracks it. As mentioned earlier, this can take many days.
As it cracks, you can check the status by pressing any key. To quit an attack session, simply press ‘q’ or Ctrl + C.
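The default order of modes described above (single, then wordlist, then incremental), as an added example that is not part of the original article and not John's own code: a simplified Python model that audits unsalted MD5 hashes and reports which mode found each password and after how many guesses. The candidate generators and mangling rules are toy assumptions, and the accounts are constructed except for the 12345 hash, which appears on this page.

```python
import hashlib
from itertools import product
from string import ascii_lowercase

def md5_hex(word: str) -> str:
    return hashlib.md5(word.encode()).hexdigest()

def single_candidates(user):
    # "single" idea: guesses derived from the account's own name
    yield from (user, user.capitalize(), user[::-1], user + "1", user + "123")

def wordlist_candidates(words):
    # "wordlist" idea, plus three toy mangling rules (not John's rule syntax)
    for w in words:
        yield from (w, w.capitalize(), w + "1", w + "123")

def incremental_candidates(max_len):
    # "incremental" idea: every lowercase string up to max_len characters
    for n in range(1, max_len + 1):
        for combo in product(ascii_lowercase, repeat=n):
            yield "".join(combo)

def audit(user, target_hash, words, max_len=3):
    """Return (mode, password, guesses) for the first mode that matches,
    or (None, None, guesses) when every candidate has been tried."""
    guesses = 0
    modes = (("single", single_candidates(user)),
             ("wordlist", wordlist_candidates(words)),
             ("incremental", incremental_candidates(max_len)))
    for mode, candidates in modes:
        for cand in candidates:
            guesses += 1
            if md5_hex(cand) == target_hash:
                return mode, cand, guesses
    return None, None, guesses

# Constructed test data; only the admin hash (12345) is taken from the page.
WORDS = ["password", "letmein", "12345", "emerald"]
ACCOUNTS = {
    "test": md5_hex("Test"),
    "admin": "827ccb0eea8a706c4c34a16891f84e7b",
    "ops": md5_hex("zqx"),
    "vault": md5_hex("c0rrect-h0rse-battery"),
}

if __name__ == "__main__":
    for user, digest in ACCOUNTS.items():
        print(user, audit(user, digest, WORDS))
```

A password that falls in single or wordlist mode after a handful of guesses is weak no matter which hash protects it; the long passphrase survives every candidate this model can generate.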
Once it finds the password, it will be displayed on the terminal. All the cracked passwords are saved in a file called ~/.john/john.pot. It stores passwords in $[HASH]:<pass> format.
ubuntu@mypc:~/.john$ cat john.pot
$dynamic_0$827ccb0eea8a706c4c34a16891f84e7b:12345
Let’s crack a password. For instance, we have an MD5 password hash that we need to crack.
We will put this into a file, say password.hash and save it in user:<hash> format.
You can type any username, it is not necessary to have some specified ones.
Now we crack it!
ubuntu@mypc:~$ john password.hash --format=Raw-MD5
It starts cracking the password.
We see that John loads the hash from the file and starts with ‘single’ mode. As it progresses, it moves on to wordlist mode and then to incremental mode. When it cracks the password, it stops the session and shows the results.
The password can also be displayed later with:
ubuntu@mypc:~$ john password.hash --format=Raw-MD5 --show
admin:emerald
1 password hash cracked, 0 left
Also by ~/.john/john.pot :
ubuntu@mypc:~$ cat ~/.john/john.pot
$dynamic_0$bd9059497b4af2bb913a8522747af2de:emerald
$dynamic_0$827ccb0eea8a706c4c34a16891f84e7b:12345
So, the password is emerald.
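How the `--show` report relates to john.pot, as an added example that is not part of the original article and not John's own code: a simplified Python model that pairs a `user:<hash>` file with the pot entries printed above and counts what is cracked and what is left. The `admin` hash line is inferred from the page's `--show` output, the `backup` account is constructed, and the `$other$` tag is hypothetical; in this model a lookup under a different format tag matches nothing, which is why `--show` above is given the same `--format` as the cracking run.

```python
import hashlib

TAG = "$dynamic_0$"   # format tag on the pot entries shown on this page

def parse_pot(pot_text):
    """Map tagged hash -> plaintext. Split on the first ':' only, because
    a cracked password may itself contain ':'."""
    pot = {}
    for line in pot_text.splitlines():
        if line.strip():
            tagged, _, plain = line.partition(":")
            pot[tagged] = plain
    return pot

def show(hash_text, pot, tag=TAG):
    """Model of --show: return ([(user, password), ...], hashes_left)."""
    cracked, left = [], 0
    for line in hash_text.splitlines():
        if not line.strip():
            continue
        user, _, digest = line.partition(":")
        plain = pot.get(tag + digest.strip().lower())
        if plain is None:
            left += 1
        else:
            cracked.append((user, plain))
    return cracked, left

def entry_is_consistent(tagged, plain):
    """Recompute MD5 of the stored plaintext and compare with the pot key."""
    return hashlib.md5(plain.encode()).hexdigest() == tagged[len(TAG):]

# Pot contents as printed on the page.
POT = ("$dynamic_0$bd9059497b4af2bb913a8522747af2de:emerald\n"
       "$dynamic_0$827ccb0eea8a706c4c34a16891f84e7b:12345\n")
# admin's line is inferred from the page's --show output; backup is constructed.
HASHES = ("admin:bd9059497b4af2bb913a8522747af2de\n"
          "backup:" + hashlib.md5(b"constructed, never cracked").hexdigest() + "\n")

if __name__ == "__main__":
    pot = parse_pot(POT)
    print(show(HASHES, pot))                 # matched under the same tag
    print(show(HASHES, pot, tag="$other$"))  # hypothetical tag: nothing matches
```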
The internet is full of modern password cracking tools and utilities. JohnTheRipper may have many alternatives, but it is one of the best ones available. Happy Cracking!