John the Ripper: A Powerful Password Cracking Tool
John the Ripper is a popular, free, and open-source password cracking tool that can automatically detect password hash types and supports a wide range of them, including DES, MD5, and SHA. It’s a powerful tool that can be used for both ethical and unethical purposes, so it’s essential to use it responsibly and with permission.
What is John the Ripper?
John the Ripper is an offline password cracking tool that was developed in 1996 by the Openwall Project. It’s notable for supporting a wide variety of password formats. It’s included in the default repositories of many Linux distributions, including Debian and Ubuntu, and installed by default in most penetration testing distributions, including Kali and BlackArch.
How to Install John the Ripper on Windows and Linux
Installing on Windows
To install John the Ripper on Windows, you can download the executable file from the official website and follow the installation instructions.
Installing on Linux
To install John the Ripper on Linux, you can use the package manager for your distribution. For example, on Ubuntu or Debian, you can use the following command:
sudo apt-get install john
How to Use John the Ripper
John the Ripper has several modes to crack passwords, including single crack mode, wordlist mode, and incremental mode. Here are some examples of how to use John the Ripper:
john
Cracking a SHA Hash
To crack a SHA256 hash using John the Ripper, you can use the following command:
john --format=Raw-SHA256 --wordlist=/usr/share/wordlists/rockyou.txt hash.txt
Cracking an MD5 Hash
To crack an MD5 hash using John the Ripper, you can use the following command:
john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hash.txt
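Both commands above pass --format because a bare hex digest does not identify its algorithm. As an added example (not from the original article or the John the Ripper project), this Python script triages a login:hash file by shape before an authorized audit and flags entries stored as a single unsalted digest; the rule table, function names, and sample data are constructed for illustration, and the format hints are heuristics.

```python
import re

# Shape rules: (pattern, john --format hint, storage category).
# A hex shape only narrows the candidates; several formats share each length.
RULES = [
    (re.compile(r"^[0-9a-fA-F]{32}$"), "raw-md5", "fast-unsalted"),
    (re.compile(r"^[0-9a-fA-F]{64}$"), "Raw-SHA256", "fast-unsalted"),
    (re.compile(r"^\$1\$"), "md5crypt", "salted-iterated"),
    (re.compile(r"^\$5\$"), "sha256crypt", "salted-iterated"),
    (re.compile(r"^\$6\$"), "sha512crypt", "salted-iterated"),
    (re.compile(r"^\$2[abxy]\$\d{2}\$"), "bcrypt", "salted-iterated"),
]

def classify(hash_field):
    """Return (format_hint, category) for one hash string."""
    for pattern, hint, category in RULES:
        if pattern.search(hash_field):
            return hint, category
    return "unknown", "unrecognized"

def audit(text):
    """Map each login (or 'line N' for bare hashes) to its classification."""
    report = {}
    for n, line in enumerate(text.splitlines(), start=1):
        line = line.strip()
        if not line:
            continue
        fields = line.split(":")
        login, hash_field = (f"line {n}", fields[0]) if len(fields) == 1 else fields[:2]
        report[login] = classify(hash_field)
    return report

def fast_unsalted(report):
    """Logins whose hashes are stored as a single unsalted digest."""
    return sorted(u for u, (_, cat) in report.items() if cat == "fast-unsalted")

# Constructed sample in the login:hash layout; none of these values come from a real system.
SAMPLE = "\n".join([
    "alice:" + "ab" * 16,                    # 32 hex chars, raw-md5 shape
    "bob:" + "cd" * 32,                      # 64 hex chars, Raw-SHA256 shape
    "carol:$6$constructedsalt$" + "x" * 86,  # sha512crypt shape, placeholder body
    "dave:$2b$12$" + "x" * 53,               # bcrypt shape, placeholder body
    "ef" * 32,                               # bare hash line with no login field
    "erin:not-a-hash",
])

if __name__ == "__main__":
    for login, (hint, category) in audit(SAMPLE).items():
        print(f"{login:8} {category:16} --format hint: {hint}")
```

Entries reported as fast-unsalted are the ones a wordlist run recovers most cheaply, so they are the first candidates for migration to a salted, iterated scheme.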
Cracking a Password Using a Wordlist
To crack a password using a wordlist, you can use the following command:
john --wordlist=/usr/share/wordlists/rockyou.txt passwordfile
Incremental Mode
In Incremental Mode, John tries all possible character combinations as passwords. This process can be time-consuming if the password is long or if it combines alphanumeric characters and symbols.
Use this mode only when you have no other options. Typically, a combination of social engineering attacks and Wordlist Mode will help you uncover most passwords.
The syntax for Incremental Mode is:
john --incremental --incremental-charcount=N --format=FORMAT passwords_to_crack.txt
john -inc --incremental-charcount=N --format=FORMAT passwords_to_crack.txt
How To Crack a Zip Using John the Ripper
To crack a password-protected ZIP file, we first get the hash of the ZIP file’s password:
zip2john file.zip > zip.hashes
This command gets the hash from the ZIP file and stores it in the zip.hashes file.
Now you can crack the hash with John:
john zip.hashes # Single Crack Mode
john --wordlist=rockyou zip.hashes # Using the RockYou wordlist
Helpful Commands
| Flag | Description |
|---|---|
| --show FILE | Show cracked passwords based on hashes from FILE |
| --rules, -ru | Enable word-mangling rules to teach John the Ripper how to generate passwords |
| --status | Print the status of an interrupted or running session |
| --session=NAME | Give a new John the Ripper session a NAME, to which John will form the session file name NAME.rec; useful for running multiple instances of John in parallel or to be able to recover later a session other than the last one you interrupt |
| --restore[=NAME] | Continue an interrupted cracking session, reading state information from the specified session file or the default session at the file path $JOHN/john.rec |
| --save-memory=LEVEL | Enable memory saving at LEVEL 1, 2, or 3. Level 1 tells John not to waste memory on login names, and may speed things up. Levels 2 and 3 reduce John’s use of performance optimizations involving large lookup tables and thus may impact performance negatively. |
| --test[=TIME] | Run tests (and benchmarks, unless TIME is explicitly 0), each spanning TIME seconds |
| & | Run the command in the background (only applies to Kali Linux and other Unix-based operating systems) |
| --format=NAME | Force John the Ripper to treat the hashes as type NAME instead of relying on auto-detection |
| --list=formats, --list=subformats | Reveal the hash types John the Ripper supports |
| --single, -si | Enable Single Crack Mode |
| --wordlist=FILE, -w=FILE | Enable Wordlist Mode, specifying a Wordlist (dictionary attack) |
| --incremental, -inc | Enable Incremental Mode |