John the Ripper - Commands

Cracking Hashes

/etc/shadow Hashes

First you need to unshadow the /etc/shadow file using unshadow command to combine /etc/passwd and /etc/shadow file so that john the ripper tool can understand it.

Syntax:

unshadow [path to passwd] [path to shadow]

unshadow - Invokes the unshadow tool
[path to passwd] : The file that contains the copy of the /etc/passwd file you've taken from the target machine
[path to shadow] :The file that contains the copy of the /etc/shadow file you've taken from the target machine

Example Usage:

unshadow local_passwd local_shadow > unshadowed.txt

When using unshadow, you can either use the entire /etc/passwd and /etc/shadow file- if you have them available, or you can use the relevant line from each like the corresponding lines for root in both.

After unshadowing, use the command to crack the hash file:

john --wordlist=/usr/share/wordlists/rockyou.txt --format=sha512crypt unshadowed.txt

Cracking Different Password Protected Files

Zip Files

First, you need to use zip2john command to convert the zip file to john the ripper's understandable format:

Syntax:

zip2john [options] [zip file] > [output file]

[options] - Allows you to pass specific checksum options to zip2john, this shouldn't often be necessary
[zip file] - The path to the zip file you wish to get the hash of
> - This is the output director, we're using this to send the output from this file to the...
[output file] - This is the file that will store the output from

Example Usage:

zip2john zipfile.zip > zip_hash.txt

Then, use the command to crack the hash file:

john --wordlist=/usr/share/wordlists/rockyou.txt zip_hash.txt

RAR Archives

The process is similar to that of Zip files, except you need to use rar2john command to convert.

Syntax:

rar2john [rar file] > [output file]

rar2john - Invokes the rar2john tool
[rar file] - The path to the rar file you wish to get the hash of
> - This is the output director, we're using this to send the output from this file to the...
[output file] - This is the file that will store the output from

Example Usage:

rar2john rarfile.rar > rar_hash.txt

Then, use the command to crack the hash file:

john --wordlist=/usr/share/wordlists/rockyou.txt rar_hash.txt

Cracking SSH Key

For this also, you need to convert the ssh key to jtr's understandable format using ssh2john.

Syntax:

ssh2john [id_rsa private key file] > [output file]

ssh2john - Invokes the ssh2john tool
[id_rsa private key file] - The path to the id_rsa file you wish to get the hash of
> - This is the output director, we're using this to send the output from this file to the...
[output file] - This is the file that will store the output from

Example Usage

ssh2john id_rsa > id_rsa_hash.txt

Finally, crack the hash:

john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa_hash.txt

PreviousJohn the Ripper - Intro NextGobuster

Last updated 6 months ago

John the Ripper - Commands

Cracking Hashes

/etc/shadow Hashes

First you need to unshadow the /etc/shadow file using unshadow command to combine /etc/passwd and /etc/shadow file so that john the ripper tool can understand it.

Syntax:

unshadow [path to passwd] [path to shadow]

unshadow - Invokes the unshadow tool
[path to passwd] : The file that contains the copy of the /etc/passwd file you've taken from the target machine
[path to shadow] :The file that contains the copy of the /etc/shadow file you've taken from the target machine

Example Usage:

unshadow local_passwd local_shadow > unshadowed.txt

After unshadowing, use the command to crack the hash file:

john --wordlist=/usr/share/wordlists/rockyou.txt --format=sha512crypt unshadowed.txt

Cracking Different Password Protected Files

Zip Files

First, you need to use zip2john command to convert the zip file to john the ripper's understandable format:

Syntax:

zip2john [options] [zip file] > [output file]

[options] - Allows you to pass specific checksum options to zip2john, this shouldn't often be necessary
[zip file] - The path to the zip file you wish to get the hash of
> - This is the output director, we're using this to send the output from this file to the...
[output file] - This is the file that will store the output from

Example Usage:

zip2john zipfile.zip > zip_hash.txt

Then, use the command to crack the hash file:

john --wordlist=/usr/share/wordlists/rockyou.txt zip_hash.txt

RAR Archives

The process is similar to that of Zip files, except you need to use rar2john command to convert.

Syntax:

rar2john [rar file] > [output file]

rar2john - Invokes the rar2john tool
[rar file] - The path to the rar file you wish to get the hash of
> - This is the output director, we're using this to send the output from this file to the...
[output file] - This is the file that will store the output from

Example Usage:

rar2john rarfile.rar > rar_hash.txt

Then, use the command to crack the hash file:

john --wordlist=/usr/share/wordlists/rockyou.txt rar_hash.txt

Cracking SSH Key

For this also, you need to convert the ssh key to jtr's understandable format using ssh2john.

Syntax:

ssh2john [id_rsa private key file] > [output file]

ssh2john - Invokes the ssh2john tool
[id_rsa private key file] - The path to the id_rsa file you wish to get the hash of
> - This is the output director, we're using this to send the output from this file to the...
[output file] - This is the file that will store the output from

Example Usage

ssh2john id_rsa > id_rsa_hash.txt

Finally, crack the hash:

john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa_hash.txt

PreviousJohn the Ripper - Intro NextGobuster

Last updated 6 months ago