In this post, you will learn what is John the ripper tool used and how exactly it works. In this post, I am not teaching how to command. Soon I will update a post on how to command this tool.
What is John the ripper?
John the ripper is a powerful “password cracking tool”. This tool was initially released in the year 1996, firstly this tool was created to check the password strength and later on update the tool was able to perform brute-force attacks and dictionary attacks. Both are just password cracking methods.
There is a free and pro version of john the ripper and the pro version costs starts from 39 dollars to 185 dollars. So, most of them get a cracked version from Github. The free version cannot support 64xbit, Which is a big disadvantage. But the pro version can support a 64xbit version and can also auto compile.
Who can use John the ripper tool?
Anyone can use john the ripper tool with OS(operating system) windows, Linux. Yes, this tool also supports windows. Windows users do not need t worry about it.
Also Read: What is Metasploit? – An overview
How John the ripper works?
The password cracking tool can work in three methods they are;
- Dictionary attack
- Brute-fource attack
- Rainbow tables
Dictionary attack – In this type of attack, the tool enters the pre-installed password and checks with the hashed passwords. Once it is correct it will display the correct password. The user can also enter a pre-installed text to this attack.
Brute-force attack – This type of attack will be effective if the users know about the person or have done an external reconnaissance attack, If yes, It will be very easy to perform this particular attack. The attack sorts the numbers of the password would be and the characters it might be. A brute-force attack is a guessing attack according to me.
Rainbow tables – This attack allows the hashed password to match and if it is correct the correct result will display.
There are three modes available in this tool they are single crack mode, wordlist more, Incremental mode etc.,
Also Read: What is Nmpa? – An overview of Nmap
Also Read: What is browser-hijacking?