Twitter Facebook Instagram YouTube

John The Ripper Basic Useage

For this tutorial I used the most recent version of Kali Linux.

From the command line I added a few uses using the ‘adduser’ command. I assigned them easy to remember passwords of differing lengths and complexities.

I them combined the /etc/passowrd and /etc/shadow files into one:

[email protected]:~# unshadow
Usage: unshadow PASSWORD-FILE SHADOW-FILE


[email protected]:~# unshadow /etc/passwd /etc/shadow > ~/file_to_crack.txt

Now that we have some passwords that need cracking lets switch over to John the Ripper to actualy crack them.

The simplest way to crack password with john without using a password list is like this

[email protected]:~# john file_to_crack.txt

Using default input encoding: UTF-8
Loaded 3 password hashes with 3 different salts (sha512crypt, crypt(3) $6$ [SHA512 128/128 AVX 2x])
Press ‘q’ or Ctrl-C to abort, almost any other key for status

password1        (alice)

 

Use the “–show” option to display all of the cracked passwords reliably
Session aborted

 

[email protected]:~# john file_to_crack.txtt –show

alice:password1:1000:1000:,,,:/home/alice:/bin/bash


1 password hash cracked, 2 left

 

 

This will try “single crack” mode first, then use a wordlist with rules, and finally go for “incremental” mode.

Now after running for a few minutes it got one of the passwords for user ‘alice’. However after the hour I ran it for it didnt get either of the other 2 passwords I created.

This type of password cracking is simple, but can be slow for longer and more complex passwords.

Share and Enjoy...Tweet about this on TwitterShare on FacebookGoogle+Share on StumbleUponshare on Tumblr