John the Ripper - Commands

Cracking Hashes

/etc/shadow Hashes

First you need to unshadow the /etc/shadow file using unshadow command to combine /etc/passwd and /etc/shadow file so that john the ripper tool can understand it.

Syntax:

unshadow [path to passwd] [path to shadow]

  • unshadow - Invokes the unshadow tool

  • [path to passwd] : The file that contains the copy of the /etc/passwd file you've taken from the target machine

  • [path to shadow] :The file that contains the copy of the /etc/shadow file you've taken from the target machine

Example Usage:

unshadow local_passwd local_shadow > unshadowed.txt

When using unshadow, you can either use the entire /etc/passwd and /etc/shadow file- if you have them available, or you can use the relevant line from each like the corresponding lines for root in both.

After unshadowing, use the command to crack the hash file:

john --wordlist=/usr/share/wordlists/rockyou.txt --format=sha512crypt unshadowed.txt

Cracking Different Password Protected Files

Zip Files

First, you need to use zip2john command to convert the zip file to john the ripper's understandable format:

Syntax:

zip2john [options] [zip file] > [output file]

  • [options] - Allows you to pass specific checksum options to zip2john, this shouldn't often be necessary

  • [zip file] - The path to the zip file you wish to get the hash of

  • > - This is the output director, we're using this to send the output from this file to the...

  • [output file] - This is the file that will store the output from

Example Usage:

Then, use the command to crack the hash file:

RAR Archives

The process is similar to that of Zip files, except you need to use rar2john command to convert.

Syntax:

rar2john [rar file] > [output file]

  • rar2john - Invokes the rar2john tool

  • [rar file] - The path to the rar file you wish to get the hash of

  • > - This is the output director, we're using this to send the output from this file to the...

  • [output file] - This is the file that will store the output from

Example Usage:

Then, use the command to crack the hash file:

Cracking SSH Key

For this also, you need to convert the ssh key to jtr's understandable format using ssh2john.

Syntax:

ssh2john [id_rsa private key file] > [output file]

  • ssh2john - Invokes the ssh2john tool

  • [id_rsa private key file] - The path to the id_rsa file you wish to get the hash of

  • > - This is the output director, we're using this to send the output from this file to the...

  • [output file] - This is the file that will store the output from

Example Usage

Finally, crack the hash:

PreviousJohn the Ripper - IntroNextGobuster

Last updated