Use John the Ripper to crack the password of the companyinfo zip file located in the home directory

Today we are going to learn how to crack passwords with John the Ripper. If you have never heard of it, you have been missing out on a lot of password-cracking action. John the Ripper is an open-source password cracker used by penetration testers and attackers alike; its sheer functionality and feature set have made it a favourite of the hacker community.

What is John the Ripper?

As mentioned, John the Ripper is a password-cracking tool developed by Openwall and included by default in Kali Linux. It can automatically detect the type of most password hashes and crack them; storing a hash instead of the password itself is how practically every operating system keeps its credentials. Note that a hash is not "decrypted": John guesses candidate passwords, hashes each one and compares the result with the stored hash until one matches. It is an offline cracking tool, and a paid version (John the Ripper Pro) with added functionality is also available.

So let's start cracking with John the Ripper. Download the free version of John from the link below:

Download John the Ripper

If you have Kali Linux, John the Ripper is already installed.

We will go through the following four tutorials with the John the Ripper password-cracking tool:

1. Cracking Linux passwords
2. Cracking password-protected ZIP/RAR files
3. Cracking hash files
4. Using wordlists to crack passwords

1] Cracking Linux passwords

In Linux, the password hashes are stored in the shadow file, /etc/shadow; if you have been using Linux for a while, you will know it. The file holds salted hashes rather than the passwords themselves, and it is readable only by root, so you cannot simply view it as an ordinary user. But with John the Ripper, and root access to the hashes, you can crack them and recover the Linux passwords.

To crack Linux passwords with John the Ripper, first combine the two files by typing the following command in the terminal (as root, since only root can read /etc/shadow):

unshadow /etc/passwd /etc/shadow > crack.txt

unshadow merges /etc/passwd and /etc/shadow into the format John expects, one line per account with the hash in the password field, and the redirect saves the result to crack.txt. John can now be run against crack.txt to crack those hashes.

As you can see, my default password was cracked straight away. The time required depends on the password's complexity, and if you are using a wordlist, the password has to be present in that wordlist.

If you did not see the password, or want to see it again, John keeps every cracked hash in its "pot" file. To see the cracked passwords, type the following command:

cat /root/.john/john.pot

Each line of the pot file is the hash followed by a colon and the cracked password; here test123 is the password.
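The following is an added example, not code from the original article or from John the Ripper itself. It shows what unshadow produces (the password field of each passwd line replaced by the hash from shadow) and how the hash:password lines in john.pot are mapped back to user names, which is what John's --show option does. The passwd, shadow and pot lines are constructed samples; the hash strings are placeholders shaped like sha512crypt hashes, not real hashes of anything, and the pot layout assumed is the plain hash:password form shown above.

```python
"""Added example: what `unshadow` produces and how john.pot maps back to users.

Illustrative code, not part of John the Ripper.  All input below is
constructed; the $6$... strings are placeholders, not real hashes.
"""

# Constructed /etc/passwd lines (7 fields; the password field is just "x").
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/zsh
"""

# Constructed /etc/shadow lines; "*" and "!" mean the account has no crackable hash.
SHADOW = """\
root:$6$rootsalt$ROOTHASHPLACEHOLDER:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
alice:$6$alicesalt$ALICEHASHPLACEHOLDER:19000:0:99999:7:::
bob:!:19000:0:99999:7:::
"""

# Constructed john.pot content: <hash>:<cracked password>, as `cat john.pot` shows.
POT = """\
$6$alicesalt$ALICEHASHPLACEHOLDER:test123
"""


def unshadow(passwd_text, shadow_text):
    """Replace the 'x' password field of each passwd entry with the hash
    from shadow, the way unshadow does.
    Output line format: user:hash:uid:gid:gecos:home:shell"""
    hashes = {}
    for line in shadow_text.splitlines():
        if not line or line.startswith("#"):
            continue
        user, hash_, *_ = line.split(":")
        hashes[user] = hash_
    merged = []
    for line in passwd_text.splitlines():
        if not line:
            continue
        fields = line.split(":")
        if len(fields) != 7:
            continue  # malformed passwd line; skip it rather than corrupt the output
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged


def crackable(merged_lines):
    """Entries John can actually work on: locked ('!', '*', '!!') and empty
    password fields contain no hash to crack."""
    out = []
    for line in merged_lines:
        _user, hash_, *_ = line.split(":")
        if hash_ and not hash_.startswith(("!", "*")):
            out.append(line)
    return out


def load_pot(pot_text):
    """Parse john.pot into {hash: password}.  The password may itself
    contain ':', so split only on the first one."""
    pot = {}
    for line in pot_text.splitlines():
        if ":" in line:
            hash_, password = line.split(":", 1)
            pot[hash_] = password
    return pot


def show(merged_lines, pot):
    """Map cracked hashes back to user names, as `john --show` does."""
    found = {}
    for line in merged_lines:
        user, hash_, *_ = line.split(":")
        if hash_ in pot:
            found[user] = pot[hash_]
    return found


if __name__ == "__main__":
    merged = unshadow(PASSWD, SHADOW)
    print("\n".join(crackable(merged)))
    print(show(merged, load_pot(POT)))
```

On a real system the two files are read with root privileges and the merged output is what you hand to John; the locked accounts are kept by unshadow but skipped by John because there is nothing to crack.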

Note: password cracking is resource-intensive. A laptop can get very hot if it does not have proper cooling and airflow.

There are many more options and flags you can use with John the Ripper. Check the image below to learn more.

2] Cracking password-protected ZIP and RAR files

We often come across password-protected, encrypted ZIP files when downloading things from the internet. So let's try cracking the password of a ZIP file.

In the terminal, change to the folder containing the zip file (use the cd command). Once you are in that folder, type the following command:

command: zip2john file > output.txt

file = name of the zip file

This command writes the archive's encryption data, converted into John's hash format, to output.txt.

To crack the hash of the zip file, type:

Command: john --format=zip output.txt

With this command the ZIP password-cracking process begins, and you will be able to recover the password of the zip file with John the Ripper. Do note that it will take time, depending on the password's complexity. One caveat: the zip format name covers WinZip AES archives, while archives using the legacy ZipCrypto (traditional PKWARE) scheme use the pkzip format. Because zip2john's output identifies which scheme is in use, you can also leave out --format and let John detect it.

To crack the password of a "rar" file, just replace "zip" with "rar"; everything else follows the same pattern:

i.e., commands:

rar2john file > output.txt

john --format=rar output.txt

(rar is the RAR3 format; RAR5 archives use rar5. As with zip files, omitting --format lets John detect the right one.)
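To see what zip2john actually pulls out of an archive and why guessing ZIP passwords is so cheap, here is an added example of a dictionary attack on the legacy ZipCrypto scheme. It is illustrative code, not part of John the Ripper or zip2john. The keystream and the 12-byte header check follow the PKWARE APPNOTE description of "traditional PKWARE encryption"; the archive entry, its CRC and the wordlist are constructed inside the block. A real cracker, John included, relies on the same cheap header check before doing any expensive verification.

```python
"""Added example (not John the Ripper or zip2john code): a dictionary attack
on ZipCrypto, the scheme zip2john extracts as $pkzip...$ hashes.
The entry, its CRC and the wordlist are constructed here."""
import os
import zlib


def _crc32_step(crc, byte):
    # One-byte CRC-32 table step.  zlib.crc32 applies the standard pre/post
    # inversion, so undo it on both sides to get the raw table update.
    return zlib.crc32(bytes([byte]), crc ^ 0xFFFFFFFF) ^ 0xFFFFFFFF


class ZipCrypto:
    """Stream cipher keyed by the password; one object encrypts or decrypts."""

    def __init__(self, password):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self._update(b)

    def _update(self, b):
        self.k0 = _crc32_step(self.k0, b)
        self.k1 = (self.k1 + (self.k0 & 0xFF)) & 0xFFFFFFFF
        self.k1 = (self.k1 * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = _crc32_step(self.k2, self.k1 >> 24)

    def _keystream(self):
        t = (self.k2 & 0xFFFF) | 2
        return ((t * (t ^ 1)) >> 8) & 0xFF

    def encrypt(self, data):
        out = bytearray()
        for p in data:
            out.append(p ^ self._keystream())
            self._update(p)  # the keys advance on the plaintext byte
        return bytes(out)

    def decrypt(self, data):
        out = bytearray()
        for c in data:
            p = c ^ self._keystream()
            out.append(p)
            self._update(p)
        return bytes(out)


def encrypt_entry(plaintext, password):
    """Build what a stored (uncompressed) ZipCrypto entry holds: 12 header
    bytes, the last being the high byte of the file CRC, then the data,
    all run through the cipher.  Returns (crc, ciphertext)."""
    crc = zlib.crc32(plaintext) & 0xFFFFFFFF
    header = os.urandom(11) + bytes([crc >> 24])
    return crc, ZipCrypto(password).encrypt(header + plaintext)


def crack(ciphertext, crc, wordlist):
    """For each candidate: decrypt only the 12-byte header and compare its
    check byte with the CRC's high byte (1-in-256 false positives), and only
    then decrypt the body and verify the full CRC.  This early reject is why
    ZipCrypto cracking is fast.  Returns (password, tried, full_checks)."""
    full_checks = 0
    for tried, cand in enumerate(wordlist, 1):
        z = ZipCrypto(cand)
        if z.decrypt(ciphertext[:12])[-1] != crc >> 24:
            continue
        full_checks += 1
        if zlib.crc32(z.decrypt(ciphertext[12:])) & 0xFFFFFFFF == crc:
            return cand, tried, full_checks
    return None, len(wordlist), full_checks


# Constructed sample: a small "archive entry" and a tiny wordlist.
SAMPLE_TEXT = b"companyinfo: Q3 revenue figures, internal only\n"
SAMPLE_CRC, SAMPLE_CIPHERTEXT = encrypt_entry(SAMPLE_TEXT, b"summer2019")
WORDLIST = [b"123456", b"password", b"qwerty", b"letmein", b"summer2019", b"dragon"]


def demo():
    return crack(SAMPLE_CIPHERTEXT, SAMPLE_CRC, WORDLIST)


if __name__ == "__main__":
    pw, tried, checks = demo()
    print(f"password={pw!r} after {tried} candidates ({checks} full CRC checks)")
```

In a real archive the 11 random header bytes differ per entry, and for deflated entries the body must also be inflated before the CRC can be checked; the per-candidate cost is still dominated by the handful of key updates needed to test the one check byte, which is why wordlists chew through ZipCrypto archives quickly and why WinZip AES (PBKDF2-based) is much slower to attack.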


3] Cracking hash files with John the Ripper

Save the hash you want to crack in a text file, one hash per line (optionally prefixed with the user name and a colon). I will be writing a separate article on acquiring password hashes; until then, stay tuned and support Hacking World.

I have my hash here in a text file.

Now let's use John to crack the hash and recover the password. Use the command that matches your hash type:

LM hashes

SHA1

To crack SHA-1 hashes we will use RockYou as the wordlist, as shown below:

john --wordlist=/usr/share/wordlists/rockyou.txt --format=raw-sha1 crack.txt

SHA256

john --wordlist=/usr/share/wordlists/rockyou.txt --format=raw-sha256 crack.txt

MD5

john --format=raw-md5 hash.txt

Wait for John to work through the hash file. As soon as a hash is cracked, John prints the password next to it (the raw-* formats are unsalted, so every candidate is tested against all loaded hashes at once).

To see all formats supported by John, type the following command:

john --list=formats

Frankly, Hash Suite is a good alternative on Windows, and you can also try Cain & Abel for cracking hashes. But for terminal-based work on Linux, John the Ripper is the best.

4] Using custom wordlists to crack passwords

A wordlist (dictionary) attack can take a while, but it works provided the wordlist is good. John the Ripper ships with its own dictionary of the most commonly used passwords (password.lst), and its wordlist mode also applies mangling rules (capitalising, appending digits and so on) to each word. So unless the password is genuinely unique and long, John stands a good chance of cracking it.

Syntax:

john --format=raw-sha1 --wordlist=password.txt THEHASHFILE.txt

For a concrete example, try the following command:

john --wordlist=/usr/share/john/password.lst hashfile

In the command above I used John's bundled password.lst file; you can use any wordlist you want.
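As an added example serving both the hash-cracking section (3) and the wordlist section (4), here is a small wordlist attack on raw MD5/SHA-1/SHA-256 hashes with John-style format detection and a handful of simple mangling rules of the kind John's wordlist mode applies. It is illustrative code, not John the Ripper itself; the hash file, wordlist and rule set are constructed inside the block, and the sample hashes are computed there so the example is self-contained.

```python
"""Added example (illustrative, not John the Ripper code): wordlist attack
on raw MD5/SHA-1/SHA-256 hashes with format detection and simple rules.
Hash file, wordlist and rules are constructed here."""
import hashlib

# Hex digest length -> John format name (raw-* means unsalted).
FORMAT_BY_LENGTH = {32: "raw-md5", 40: "raw-sha1", 64: "raw-sha256"}
HASHLIB_NAME = {"raw-md5": "md5", "raw-sha1": "sha1", "raw-sha256": "sha256"}


def detect_format(hex_hash):
    """Guess the format from the digest length, as John does when --format is
    omitted.  The guess is ambiguous (32 hex chars could be MD5, NTLM, MD4...),
    which is why passing --format explicitly is the safer habit."""
    return FORMAT_BY_LENGTH.get(len(hex_hash))


def mangle(word):
    """A tiny rule set: identity, capitalised, upper case, common suffixes and
    the combinations.  John's default wordlist rules are far richer."""
    suffixes = ["", "1", "123", "2019", "!", "2019!"]
    seen = set()
    for base in (word, word.capitalize(), word.upper()):
        for suffix in suffixes:
            cand = base + suffix
            if cand not in seen:
                seen.add(cand)
                yield cand


def parse_hash_file(text):
    """Lines are 'hash' or 'user:hash'; blank lines and # comments are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        user, _, hex_hash = line.rpartition(":")
        entries.append((user or None, hex_hash.lower()))
    return entries


def crack(hash_text, wordlist, fmt=None, rules=True):
    """Return ({hash: password}, pot_lines).  Hashes are grouped by format so
    one pass over the wordlist serves every hash of that format (the same
    idea as cracking several files of one format in a single session)."""
    targets = {}
    for user, hex_hash in parse_hash_file(hash_text):
        f = fmt or detect_format(hex_hash)
        if f is None:
            continue  # unknown length: John would report "No password hashes loaded"
        targets.setdefault(f, {})[hex_hash] = user
    found, pot = {}, []
    for f, hashes in targets.items():
        algo = HASHLIB_NAME[f]
        remaining = set(hashes)
        for word in wordlist:
            for cand in (mangle(word) if rules else [word]):
                digest = hashlib.new(algo, cand.encode()).hexdigest()
                if digest in remaining:
                    found[digest] = cand
                    pot.append(f"{digest}:{cand}")  # same layout as john.pot
                    remaining.discard(digest)
            if not remaining:
                break
    return found, pot


def hexdigest_of(algo, text):
    return hashlib.new(algo, text.encode()).hexdigest()


# Constructed sample hash file; in practice the hashes come from a dump.
SAMPLE_HASHES = "\n".join([
    "# user:hash or bare hash",
    f"alice:{hexdigest_of('md5', 'test123')}",
    f"bob:{hexdigest_of('md5', 'Summer2019!')}",
    f"{hexdigest_of('sha1', 'password')}",
    f"carol:{hexdigest_of('sha256', 'dragon')}",
    f"dave:{hexdigest_of('sha256', 'Tr0ub4dor&3')}",  # not derivable from the list
])
WORDLIST = ["123456", "password", "summer", "test123", "dragon", "letmein"]


def demo(rules=True):
    return crack(SAMPLE_HASHES, WORDLIST, rules=rules)


if __name__ == "__main__":
    found, pot = demo()
    print("\n".join(pot))
    print(f"{len(found)} cracked, rules off: {len(demo(rules=False)[0])}")
```

The run with rules enabled recovers bob's "Summer2019!" from the plain word "summer", which the rule-free run cannot; dave's password survives both, because nothing in the list or the rules produces it. That is the practical meaning of "the password needs to be present in the wordlist": present directly, or reachable from an entry through the rules in use.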

Bonus: Cracking Multiple Files

We can also crack several hash files in one session, provided they contain hashes of the same format.

  1. crack.txt
  2. crack1.txt

Both contain MD5 hashes, so to crack both files in one session we run John as follows:

Syntax: john [file 1] [file 2]

john --format=raw-md5 crack.txt crack1.txt


Commonly asked questions about John the Ripper

Q1. Can this tool be used on Windows?

Yes, it can, but Hash Suite is a better alternative on Windows: its interface is much simpler and it can be used without the command line.

Q2. Can John the Ripper crack any password?

Technically yes, provided its requirements are met. For example, a complicated password that is nevertheless present in the wordlist you use will be cracked easily; a long random password that is in no wordlist and out of reach of brute force will not be.

Q3. Is this tool free to use?

Yes, this version is free to use; there is a separate paid version for those who need it. The paid version has a lot of features, but I haven't tested it yet.

Q4. Can you use this tool online?

No. This is an offline password-cracking tool that works on hashes. It cannot perform online password-guessing attacks against a login form.

Q5. Can you hack Facebook and Instagram with this tool?

Only if you already have the password hashes from Facebook or Instagram, which this tool does nothing to obtain. You cannot attack any online login with it.

Hope you had fun cracking with John the Ripper. If you have any questions about John, mention them in the comment section. Do remember that it is an offline password-cracking tool. If you liked the article, share it and donate to support the site. Happy hacking.

How does John the Ripper guess passwords?

John the Ripper works by using the dictionary method favoured by attackers as the easiest way to guess a password: it takes candidate strings from a wordlist of common dictionary words or common passwords, hashes each one and compares it with the target hash. It also has a "single crack" mode that derives guesses from user names and other account details, and an "incremental" mode that tries all character combinations. It works on hashed passwords and performs offline attacks only.

Which tools can be used with rainbow tables?

A tool called RainbowCrack can be used to automate the cracking of passwords using rainbow tables. Attackers use rainbow tables, which trade precomputed storage for computation, to speed up the cracking of unsalted hashes.
