John the Ripper is a free, most popular and open-source password cracking tool developed by Openwall. It was first developed for Unix operating system and now runs many operating systems including Unix, macOS, Windows, DOS, Linux, and OpenVMS. Its main purpose is to detact weak Passwords.
John the Ripper uses several cracking modes that crack hashed password. You can also use custom cracking mode using in-built compiler. John the Ripper uses dictionary attack and brute force attacks to crack the password.
In this article we will install John the Ripper software and use some useful commands to crack password.
We assume you have already knows about Linux system and about Terminal and command line. We akso assume you have some basic knowledge about cracking, encryption and decryption of password.
There are many ways to install JohnTheRipper. Here we will use some of the easy ways to install. The easiest way to install JohnTheRipper is directly from command line. For that open Terminal by pressing shortcut
CTRL+ALT+T and run the bellow command.
sudo apt install john
Now type john in Terminal and you will see bellow message.
Run the test mode
Or you can also download from Github and build. First let's build John the Ripper. Run the following command one bye one. First install required tools for the installation.
sudo apt-get install build-essential libssl-dev
Also install recommended software.
sudo apt-get install yasm libgmp-dev libpcap-dev libnss3-dev libkrb5-dev pkg-config libbz2-dev zlib1g-dev
Change working dirctory to
Download latest version of JohnTheRipper from GitHub.
git clone git://github.com/magnumripper/JohnTheRipper -b bleeding-jumbo john
Go to project dirctory.
And build from code.
./configure && make -s clean && make -sj4
Test the installed build.
Linux saves its password in
/etc/shadow file. So run bellow command to get User password. This will take time depends on your system configuration and password strength.
sudo john /etc/shadow
If it successfully cracks password, then it will return with following response.
One use of John The Ripper is to decrypt the hashed password. For the simplicity, we used simple password. First create password.txt file and put user and hashed password in
user:password format. And run the command:
If password is successfully cracked, then it will get bellow response:
You can also choose specific encryption method with
john -format=raw-md5 password.txt
Or use specific wordlist file with
john --wordlist=wordlist.lst password.txt
--show argument to get cracked password.
john password.txt --show
The password is also saved to
The other example we use is to crack password protected zip/rar file. There is 2 executable file at location
john/run/rar2john in John the Ripper programme. To crack the password protected zip file, execute
zip2john file with 2 argument as bellow:
./zip2john ../zip-file.zip ../saved-file.txt
../zip-file.zip is the location of the password protected zip file and
../saved-file.txt is the file where password will be saved. Similarly for rar file, use ./rar2john command to crack password for rar file.
After getting password at
saved-file.txt file, crack hashed password with bellow command.
john –format=zip/rar saved-file.txt
And you will get cracked password.
In the last, I will only tell that this is just basic example of cracking password. There are many ways to crack password using many software. Try to search more ways and more software searching from internet.
General error: 1205 Lock wait timeout exceededHi, in this article I will share with...
Make Authentication System with VueJs and Google FirebaseIn this tutorial, we will learn how to i...
Python Numpy Array Tutorial Part 2In the first part, we have discussed wha...
React CRUD Example using MongoDB | Express | React | NodeJsToday, I am going to teach you how to&nb...
Django 3 Authentication with MySql | Login LogoutIn this tutorial, you'll learn how t...