🛠️
Hacking tools
  • Welcome!
  • Nmap
    • Nmap - Intro
    • Commands
    • Nmap Switches
    • Nmap Scripting Engine
  • Metasploit
    • Metasploit - Intro
    • Metasploit Framework Console
    • Msfvenom
    • Meterpreter
  • Netcat
    • Netcat - Intro
    • Netcat - Advanced
  • John the Ripper
    • John the Ripper - Intro
    • John the Ripper - Commands
  • Web Directory Fuzzers
    • Gobuster
    • Ffuf
  • Hydra
    • Hydra - Intro
    • Hydra - Commands
  • SQLMap
Powered by GitBook
On this page
  • Introduction
  • Uses
  • Hash Cracking Basics
  • John Basic Syntax
  • Automatic Cracking
  • Identifying hashes
  • Format-specific Cracking
  • Listing JTR's Hash Formats
  1. John the Ripper

John the Ripper - Intro

PreviousNetcat - AdvancedNextJohn the Ripper - Commands

Last updated 8 months ago

Introduction

John the Ripper is a free and open-source password cracking tool which can crack passwords stored in various formats including hashes and encrypted private keys.

Uses

  • Password auditing (assessing strength of passwords used in organizations)

  • Password recovery

  • Penetration testing

Hash Cracking Basics

John Basic Syntax

john [options] [path to file]

  • john : Invokes the John the Ripper program

  • [path to file] : The file containing the hash you're trying to crack

Automatic Cracking

Syntax:

john --wordlist=[path to wordlist] [path to file]

  • --wordlist= : Specifies using wordlist mode, reading from the file that you supply in the following path

  • [path to wordlist] : The path to the wordlist you're using

Example Usage:

john --wordlist=/usr/share/wordlists/rockyou.txt hash_to_crack.txt

Here, the hash type is not specified, so the tool automatically tries to detect the hash and tries to crack it. This is a quick method, however can be unreliable sometimes.

Identifying hashes

Format-specific Cracking

Syntax:

john --format=[format] --wordlist=[path to wordlist] [path to file]

  • --format= : This is the flag to tell John that you're giving it a hash of a specific format

  • [format] : The format that the hash is in

Example Usage:

john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hash_to_crack.txt

Listing JTR's Hash Formats

The john the ripper formats can be listed by adding using the command:

john --list=formats

You can manually check, or grep for your hash type using something like:

john --list=formats | grep -iF "md5"

Hash type can be identified using an online hash identifier tool: or by using a Python tool called .

https://hashes.com/en/tools/hash_identifier
hash-identifier
John the Ripper