john the ripper

John the Ripper: Full tutorial from noob to pro | updated 2024

Introduction

In this post, you will learn what is john the ripper and how does the tool and also you will learn all the commands in the tool and I am damn sure by end of this post, you will be familiar with using this tool.

Below is the video format of the post, Check it out 👇🏾

Video

What is John the ripper ❓

John the ripper is a powerful “password cracking tool”. This tool was initially released in the year 1996, firstly this tool was created to check the password strength and later on update the tool was able to perform brute-force attacks and dictionary attacks. Both are just password cracking methods.

There is a free and pro version of john the ripper and the pro version costs starts from 39 dollars to 185 dollars.

So, most of them get a cracked version from Github. The free version cannot support 64xbit, Which is a big disadvantage. But the pro version can support a 64xbit version and can also auto compile.

Anyone can use john the ripper tool with OS(operating system) windows, Linux, mac. Yes, this tool also supports windows. Windows users do not need t worry about it.

Who developed the John the ripper tool ????

The John the ripper tool is developed by an open-source company called open wall and below is their GitHub repo and also link to their original site.

Useful commands in John the ripper

  1. –single: “single crack” mode
  2. –wordlist=FILE wordlist mode, read words from FILE,
    –stdin or from stdin
  3. –rules: enable word mangling rules for wordlist mode
  4. –incremental[=MODE]: “incremental” mode [using section MODE]
  5. –external=MODE: external mode or word filter
  6. –session=NAME: give a new session the NAME
  7. –show: show cracked passwords
  8. –format=NAME: force hash type NAME

These are just a handful of useful commands and there are many more commands we will see all the commands in the below para…

How to use the John the ripper

Just, Follow the below examples and as I said at the beginning I am damn sure by end of the post, You will be familiar using this tool and in between If you got any doubt just comment down below or Watch the video I made on John the ripper.

Example1, Single crack mode

For single crack mode just use the below command

john –single –format=raw-sha1 sha1.txt

–single: Single crack mode

–format:Name You have to secify the hash type you are going to crack

Finally mention the file name.

*Suppose if you don’t know the hash type just enter john and the file and john automatically finds the hash type.

Example2, Wordlist crack

Now, let’s specify the wordlist to crack the password.

john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-sha1 sha.txt

–wordlist: List the file

–format: The file type you are cracking

Finally mentioning the cracking file.

You can specify any wordlist, Most of the wordlist will be in cd /usr/share

I suggest you to use rockyou.txt because it has 14 million passwords.

Example3, Md5

The md5 decryption is very easy and I am using the –wordlists command

john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-md5 md5.txt

Example4, Sha1

For sha1 I am using the same rockyou.txt file

john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-sha1 sha1.txt

Example5, Md4

john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-md4 md4.txt

Example6, Sha256

Now, let’s crack the sha256 A tough hash

john –wordlist=/usr/share/wordlists/rockyou.txt –format=raw-sha256 sha256.txt

Example7, Sha512

john –wordlist=/usr/share/john/password.lst –format=raw-sha512 sha512

Example8, Whirlpool

Now, let’s carck a whirlpool hash and for this we use the –format and just enter the hash type and no need to enter the raw. The command look something like this 👇🏾

Example9, Viewing different format

We have performed differnt hash type attacks and to know what the hash types the john the ripper tool can crack we use this command.

john –list=formats

Example10, Using short terms

Now, let’s use short terms for –wordlists, –format, –single

john -w=/usr/share/wordlists/rockyou.txt –form=raw-md5 md55.txt

-w (or) –wordlist

–form (or) –format

Instead of using long words you can use these short terms ????????

Example11, Crcaking multiple hash files

To crack multiple files just keep on adding the file names

john -w=/usr/share/wordlists/rockyou.txt –form=raw-sha256 baby.txt dad.txt mom.txt

Example12, Zip file cracking

Cracking a Zip file is very easy just convert the zip file to the txt format and then we do a wordlist attack.

Firstly the command to convert zip to txt enter this ????????

zip2john protected.zip > crack77.txt

Now, lets crack the file

john –wordlist=/usr/share/wordlists/rockyou.txt crack77.txt

John the Ripper

Example13, Viewing all john log files

Sometimes –show command doesnt work but the password hash and the password will be stored in the pot file.

Here is command to open pot file.

cat ~/.john/john.pot

John the Ripper

Conclusion

John the ripper is a great tool and I should accept it and I am not a big fan of john but for beginners it is the great tool.

Initially it is really tough working with the tool, But once you started to know the concept of cracking then you will be rocking.

I prefer hash cat but for beginners john is great.


Also Read:Medusa is great tool for cracking password

Also Read: Ncrack is similar to nmap and it is one of the best password cracker

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site

 

Scroll to Top