Introduction
In this post, you will learn what is john the ripper and how does the tool and also you will learn all the commands in the tool and I am damn sure by end of this post, you will be familiar with using this tool.
Below is the video format of the post, Check it out 👇🏾
Video
What is John the ripper ❓
John the ripper is a powerful “password cracking tool”. This tool was initially released in the year 1996, firstly this tool was created to check the password strength and later on update the tool was able to perform brute-force attacks and dictionary attacks. Both are just password cracking methods.
There is a free and pro version of john the ripper and the pro version costs starts from 39 dollars to 185 dollars.
So, most of them get a cracked version from Github. The free version cannot support 64xbit, Which is a big disadvantage. But the pro version can support a 64xbit version and can also auto compile.
Anyone can use john the ripper tool with OS(operating system) windows, Linux, mac. Yes, this tool also supports windows. Windows users do not need t worry about it.
Who developed the John the ripper tool ????
Useful commands in John the ripper
- –single: “single crack” mode
- –wordlist=FILE wordlist mode, read words from FILE,
–stdin or from stdin - –rules: enable word mangling rules for wordlist mode
- –incremental[=MODE]: “incremental” mode [using section MODE]
- –external=MODE: external mode or word filter
- –session=NAME: give a new session the NAME
- –show: show cracked passwords
- –format=NAME: force hash type NAME
These are just a handful of useful commands and there are many more commands we will see all the commands in the below para…
How to use the John the ripper
Just, Follow the below examples and as I said at the beginning I am damn sure by end of the post, You will be familiar using this tool and in between If you got any doubt just comment down below or Watch the video I made on John the ripper.
Example1, Single crack mode
For single crack mode just use the below command
john –single –format=raw-sha1 sha1.txt
–single: Single crack mode
–format:Name You have to secify the hash type you are going to crack
Finally mention the file name.
*Suppose if you don’t know the hash type just enter john and the file and john automatically finds the hash type.
Example2, Wordlist crack
Now, let’s specify the wordlist to crack the password.
john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-sha1 sha.txt
–wordlist: List the file
–format: The file type you are cracking
Finally mentioning the cracking file.
You can specify any wordlist, Most of the wordlist will be in cd /usr/share
I suggest you to use rockyou.txt because it has 14 million passwords.
Example3, Md5
The md5 decryption is very easy and I am using the –wordlists command
john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-md5 md5.txt
Example4, Sha1
For sha1 I am using the same rockyou.txt file
john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-sha1 sha1.txt
Example5, Md4
john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-md4 md4.txt
Example6, Sha256
Now, let’s crack the sha256 A tough hash
john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-sha256 sha256.txt
Example7, Sha512
john –wordlist=/usr/share/john/password.lst –format=raw-sha512 sha512
Example8, Whirlpool
Now, let’s carck a whirlpool hash and for this we use the –format and just enter the hash type and no need to enter the raw. The command look something like this 👇🏾
Example9, Viewing different format
We have performed differnt hash type attacks and to know what the hash types the john the ripper tool can crack we use this command.
john –list=formats
Example10, Using short terms
Now, let’s use short terms for –wordlists, –format, –single
john -w=/usr/share/wordlists/rockyou.txt –form=raw-md5 md55.txt
-w (or) –wordlist
–form (or) –format
Instead of using long words you can use these short terms ????????
Example11, Crcaking multiple hash files
To crack multiple files just keep on adding the file names
john -w=/usr/share/wordlists/rockyou.txt –form=raw-sha256 baby.txt dad.txt mom.txt
Example12, Zip file cracking
Cracking a Zip file is very easy just convert the zip file to the txt format and then we do a wordlist attack.
Firstly the command to convert zip to txt enter this ????????
zip2john protected.zip > crack77.txt
Now, lets crack the file
john –wordlist=/usr/share/wordlists/rockyou.txt crack77.txt
Example13, Viewing all john log files
Sometimes –show command doesnt work but the password hash and the password will be stored in the pot file.
Here is command to open pot file.
cat ~/.john/john.pot
Conclusion
John the ripper is a great tool and I should accept it and I am not a big fan of john but for beginners it is the great tool.
Initially it is really tough working with the tool, But once you started to know the concept of cracking then you will be rocking.
I prefer hash cat but for beginners john is great.
Also Read:Medusa is great tool for cracking password
Also Read: Ncrack is similar to nmap and it is one of the best password cracker
