John the Ripper - Password Cracking Tool
John the Ripper (JTR) is an open-source password cracking tool used by penetration testers to crack passwords. It can be used to crack network passwords, NTLM hashes, /etc/shadow files, password-protected ZIP files, password-protected RAR archives and SSH keys. We will get into the details later in the blog.
How Passwords are Stored:
Before we dive into cracking passwords we should first understand how passwords are stored. Any program which uses password protection stores passwords as hashes. For example: “Admin” is stored as the MD5 hash “21232f297a57a5a743894a0e4a801fc3”. John the Ripper (JTR) automatically detects what type of password hash is employed. JTR takes a dictionary of candidate passwords in raw form, hashes each one in the same format as the target and compares the results against the stored hashes. If it finds a match it shows the password in raw form as the cracked password.
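To show why the hash-and-compare matching just described works so well against unsalted fast hashes, and what a defender changes to slow it down, here is an added Python example (not code from the original post). The page's example hash is the MD5 digest of the lowercase string "admin", which the code checks; the PBKDF2 iteration count and salt length are assumed values.

```python
import hashlib
import hmac
import os
from typing import Optional

# The page's example hash: the MD5 digest of the lowercase string "admin".
PAGE_EXAMPLE_MD5 = "21232f297a57a5a743894a0e4a801fc3"

# Assumed parameters for the hardened scheme (not from the page).
PBKDF2_ITERATIONS = 200_000
SALT_BYTES = 16


def md5_hex(password: str) -> str:
    """Unsalted MD5 as in the page's example. The digest depends only on the
    password, so every account using "admin" stores the same 32 hex characters
    and one precomputed dictionary of hashes identifies all of them at once."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, iterated PBKDF2-HMAC-SHA256, stored as 'iterations$salt$dk' (hex).
    A fresh random salt per user means identical passwords no longer produce
    identical stored values, and each guess costs PBKDF2_ITERATIONS hash calls
    instead of one, which is what slows a dictionary run down."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"{PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


def shared_md5(users: dict) -> dict:
    """Group usernames by unsalted MD5: a group larger than one reveals password
    reuse that an unsalted store leaks before a single guess is even made."""
    groups = {}
    for user, pw in users.items():
        groups.setdefault(md5_hex(pw), []).append(user)
    return {h: names for h, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    sample = {"root": "admin", "backup": "admin", "alice": "correct horse"}  # constructed accounts
    print(md5_hex("admin") == PAGE_EXAMPLE_MD5)  # True
    print(shared_md5(sample))                     # {'21232f...': ['root', 'backup']}
    stored = hash_password("admin")
    print(verify_password("admin", stored), verify_password("Admin", stored))  # True False
```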
Installing John the Ripper:
It comes preinstalled in Kali Linux. However, we will see how to install it on other Linux systems like Ubuntu:
Open the terminal and write:
sudo apt-get install john -y
and the recommended method:
snap install john-the-ripper
Use both ways to install JTR for ease of use.
This command will run John the Ripper:
ubuntu@mypc:~$ john
It shows that version 1.8.0 is installed on your machine. Now that it is installed, it is time to get into cracking passwords.
Cracking the Passwords with JTR:
We will need different commands for different types of targets.
1. Cracking ZIP files:
demo.zip is a file which requires a password to open.
Now use:
$ john-the-ripper.zip2john demo.zip > demo.txt
$ john demo.txt
You can see the cracked password is Admin. You can use john demo.txt --show to see the password.
2. Cracking RAR Archive Files:
We are going to use the “rar2john” tool to convert the RAR file into a hash format.
john-the-ripper.rar2john demorar.rar > rarhash.txt
john rarhash.txt
As you can see, ‘admin’ is the password.
3. Cracking NTLM Hashes:
Here we have saved the NTLM hash ‘329153F560EB329C0E1DEEA55E88A1E9’ for ‘root’ in a file ntlmhash.txt:
john --format=nt ntlmhash.txt
We can see that the password for ‘root’ is cracked.
4. Cracking SSH keys:
Now we will see how to crack SSH key passphrases with John the Ripper.
python3 ssh2john.py demossh.id_rsa > rsa.hash
john --wordlist=/path/to/wordlist.txt rsa.hash
john rsa.hash --show
You may need to install ssh2john first: wget https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/ssh2john.py
The cracked SSH key password is “admin”.
5. Cracking /etc/shadow file:
To crack /etc/shadow passwords we need to combine it with the /etc/passwd file so JTR can understand the data that is being given to it.
$ unshadow /etc/passwd /etc/shadow > unshadowed.txt
$ john --wordlist=~/Downloads/rockyou.txt unshadowed.txt
It will start cracking the passwords.
You may need a strong wordlist to crack these passwords. One such wordlist is: https://github.com/praetorian-inc/Hob0Rules/blob/master/wordlists/rockyou.txt.gz Download it to your system, extract it with gunzip and use it.
Conclusion:
This demonstration is easy to follow and beginner friendly. JTR is one of the most usable password cracking tools, with several different modes.
Thank you.