What is John?
John the Ripper/John, is an open source cracking tool provided by Openwall.
It's a very popular tool that comes pre installed on the Kali distro. It's easy to use, powerful, and it's free.
Download John Jumbo
Official Site | Windows
*Installation on Linux varies depending on your package manager.
How Does it Work?
Hashes are strings of data generated from a hash function.
The hash function takes the key and creates a hash based off that key.
The same key will produce the same result each time it's run through the function.
It's meant to be irreversible, unlike encryption. However, by comparing known hash values to a hash, you can determine the key.
Cracking Hashes with Jtr
*From here on out terminal refers to command prompt as-well.
Launch your terminal. Navigate to the directory where you have John stored.
Enter the run folder. From here you can use John. Enter 'john' to confirm you're actually in the right folder.
Save your hash somewhere inside the run folder e.g. 'folder/_hashes/1.hash'.
Now that we're setup, let's begin cracking. Here are a couple options for execution:
In my example I'm cracking an md5 hash, determine what type of hash you're cracking and find the proper format.
Wordlist
Code:
Code:
john --wordlist=password.lst --format=raw-md5 _hashes/1.hashCode:
Code:
john --incremental --format=raw-md5 _hashes/1.hash*While cracking you can press the space bar to see the last made attempt.
Keep in mind some hashes have a salt included. e.g. 'p455woRd + 5ALTEdH4sH';
The likeness of you cracking a password becomes less the more complex it is.
