John the Ripper: The Ultimate Guide to Password Cracking

John the Ripper, a versatile open-source tool, cracks hundreds of hash types, making it essential for security testing and ethical hacking.

Table of Contents

  1. Introduction
  2. Setting Up John the Ripper
  3. Understanding Hashes and Formats
    • Identifying Hashes with hashid and hash-identifier
  4. Basic Cracking Techniques
    • Using Wordlists
    • Incremental and Mask Modes
  5. Advanced Techniques
    • zip2john for ZIP files
    • rar2john for RAR files
    • office2john for Office documents
    • pdf2john for PDF files
    • ssh2john for SSH private keys
    • hccapx2john for WPA/WPA2 Wi-Fi passwords
  6. Wordlists for Different Hash Types
  7. Real-World Cracking Examples
  8. Performance Optimization
  9. Ethical Considerations

1. Introduction

John the Ripper (JtR) is one of the most powerful open-source tools for password cracking. With support for hundreds of hash formats, it is widely used for security testing and penetration testing. Its flexibility and power make it a must-have in every ethical hacker's toolkit.

Key Features

  • Supports a wide range of hash formats, including MD5, SHA1, NTLM, bcrypt, and WPA/WPA2.
  • Multi-platform support (Linux, Windows, macOS).
  • Built-in wordlist and rules engines.
  • GPU acceleration for faster cracking.
  • Advanced tools like zip2john, office2john, and hccapx2john for extracting hashes from files.

This guide will walk you through using John the Ripper, from setup to advanced techniques, with clear examples and outputs.

2. Setting Up John the Ripper

John the Ripper is pre-installed in Kali Linux, so no additional installation is needed. However, for advanced features, use the Jumbo version, which includes additional tools and hash support.

Installing the Jumbo Version

If not using Kali, follow these steps:

# Distribution package:
sudo apt update
sudo apt install john -y
# Installing Jumbo version from source:
git clone https://github.com/openwall/john.git
cd john/src
./configure && make -s clean && make -sj4
# The build places the john binary and the *2john helpers in ../run

Verify installation:

john --version

Output:

John the Ripper 1.9.0-jumbo-1 OMP [linux-gnu 64-bit AVX2]

3. Understanding Hashes and Formats

Hashes are fixed-length representations of data, commonly used to store passwords securely. John the Ripper supports a wide range of hash formats. Before cracking, you need to identify the hash type.

Common Hash Types

Hash Type   Example                                    Usage
MD5         5f4dcc3b5aa765d61d8327deb882cf99           Web applications
SHA1        5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8   File integrity checks
SHA512      $6$random$abcd1234efgh5678ijkl...          Linux shadow passwords
NTLM        8846f7eaee8fb117ad06bdd830b7586c           Windows authentication

Identifying Hash Types

Using hashid

hashid hashes.txt

Output:

Analyzing '5f4dcc3b5aa765d61d8327deb882cf99'
[+] MD5
[+] Domain Cached Credentials

Using hash-identifier

hash-identifier

Paste the hash when prompted. Output:

Detected MD5 Hash.

Once identified, proceed with the appropriate cracking technique.

4. Basic Cracking Techniques

Using Wordlists

john --wordlist=/usr/share/wordlists/rockyou.txt hashes.txt

Example Output:

password123      (user1)
welcome2024      (admin)
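
The defensive counterpart of wordlist mode, as an added example that is not part of the original guide: a deny-list check that rejects a new password when a wordlist run with simple mangling rules would recover it. The small wordlist, the substitution table and the function names are constructed for illustration; a real deployment would load a full list such as rockyou.txt.

```python
# Added example: reject passwords that a wordlist-plus-rules run would find.
import re

# Constructed stand-in for a real wordlist (assumption: production code
# loads the full list from disk into a set).
SAMPLE_WORDLIST = {"password", "welcome", "letmein", "qwerty", "dragon"}

# Reverse the character substitutions that mangling rules apply.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})

# Digits, symbols and underscores stuck to the front or back of a word.
EDGE_DECORATION = re.compile(r"^[\W\d_]+|[\W\d_]+$")


def candidate_bases(password):
    """Return the simplified forms of `password` to look up in the wordlist."""
    lowered = password.lower()
    # "welcome2024" -> "welcome", "p@ssw0rd!" -> "p@ssw0rd"
    stripped = EDGE_DECORATION.sub("", lowered)
    forms = {lowered, stripped}
    # "p@ssw0rd" -> "password"
    forms |= {form.translate(LEET) for form in forms}
    return {form for form in forms if form}


def is_guessable(password, wordlist=SAMPLE_WORDLIST):
    """True if any simplified form of the password is a wordlist entry."""
    return any(base in wordlist for base in candidate_bases(password))


if __name__ == "__main__":
    for pw in ("password123", "Welcome2024", "P@ssw0rd!", "vT9#kq2Lm!xR"):
        print(f"{pw!r}: {'reject' if is_guessable(pw) else 'accept'}")
```

Both sample results shown above, password123 and welcome2024, are rejected by this check because their base word is in the list.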

Incremental Mode

For brute-forcing:

john --incremental hashes.txt

5. Advanced Techniques

zip2john: Cracking ZIP File Passwords

Convert ZIP files into John-readable format:

zip2john protected.zip > zip.hash
john --wordlist=/usr/share/wordlists/rockyou.txt zip.hash

rar2john: Cracking RAR Files

rar2john archive.rar > rar.hash
john rar.hash

office2john: Cracking Office Document Passwords

office2john document.docx > office.hash
john --wordlist=/usr/share/wordlists/rockyou.txt office.hash

pdf2john: Cracking PDF Passwords

pdf2john.pl secret.pdf > pdf.hash
john pdf.hash

ssh2john: Cracking SSH Private Keys

ssh2john id_rsa > ssh.hash
john ssh.hash

hccapx2john: Cracking WPA/WPA2 Wi-Fi

  1. Capture handshake:
    hcxdumptool -i wlan0mon -o capture.pcapng
    
  2. Convert to hccapx:
    hcxpcapngtool -o output.hccapx capture.pcapng
    
  3. Convert for John:
    hccapx2john output.hccapx > wifi.hash
    john wifi.hash
    

Output:

SSID: MyWiFiNetwork
Password: securepassword123

6. Wordlists for Different Hash Types

Hash Type   Recommended Wordlist
MD5         /usr/share/wordlists/rockyou.txt
SHA1        /usr/share/wordlists/common-passwords.txt
NTLM        /usr/share/wordlists/ntlm-wordlist.txt
WPA/WPA2    /usr/share/wordlists/wifi-common.txt

7. Real-World Cracking Examples

Cracking a Linux Shadow File

  1. Extract hashes:
    unshadow /etc/passwd /etc/shadow > hashes.txt
    
  2. Crack:
    john hashes.txt
    

Output:

root:toor
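
An added example, not from the original guide: the hash field of each entry already shows which accounts are weakly protected, before any cracking run. This script reads shadow-format lines (the unshadow output above keeps the hash in the same second field), maps the $id$ prefix to a scheme and reports weak schemes, empty passwords and reduced round counts. The sample entries and the function names are constructed.

```python
# Added example: flag weak password-hash schemes in shadow-format lines.
# Modular-crypt "$id$" prefixes -> (scheme name, acceptable today?)
SCHEMES = {"1": ("md5crypt", False), "5": ("sha256crypt", True),
           "6": ("sha512crypt", True), "2a": ("bcrypt", True),
           "2b": ("bcrypt", True), "2y": ("bcrypt", True), "y": ("yescrypt", True)}
DEFAULT_SHA_ROUNDS = 5000  # sha256crypt/sha512crypt default when rounds= is absent

# Constructed sample entries; salts and hash values are placeholders.
SAMPLE_SHADOW = [
    "root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::",
    "backup:$1$CONSTRUCT$CONSTRUCTEDHASH:19000:0:99999:7:::",
    "svc:$6$rounds=1000$CONSTRUCTEDSALT$CONSTRUCTEDHASH:19000:0:99999:7:::",
    "daemon:*:19000:0:99999:7:::",
    "legacy:abCONSTRUCTED:19000:0:99999:7:::",
    "guest::19000:0:99999:7:::",
]

def classify(field):
    """Return (scheme, finding) for the password field of one entry."""
    if field == "":
        return "none", "EMPTY PASSWORD"
    if field[0] in "!*":
        return "locked", "ok"
    if not field.startswith("$"):
        # A bare 13-character value is traditional DES crypt.
        return ("descrypt", "WEAK scheme") if len(field) == 13 else ("unknown", "REVIEW")
    parts = field.split("$")
    scheme, acceptable = SCHEMES.get(parts[1], ("unknown", False))
    if scheme == "unknown":
        return scheme, "REVIEW"
    if not acceptable:
        return scheme, "WEAK scheme"
    if scheme.startswith("sha") and len(parts) > 2 and parts[2].startswith("rounds="):
        rounds = int(parts[2].split("=", 1)[1])
        if rounds < DEFAULT_SHA_ROUNDS:
            return scheme, f"LOW rounds={rounds}"
    return scheme, "ok"

def audit(lines):
    """Return [(user, scheme, finding)] for every entry that needs attention."""
    findings = []
    for line in lines:
        if ":" not in line or line.startswith("#"):
            continue
        user, field = line.split(":")[:2]
        scheme, finding = classify(field)
        if finding != "ok":
            findings.append((user, scheme, finding))
    return findings
```

Calling `audit(SAMPLE_SHADOW)` returns the four entries that need attention: backup, svc, legacy and guest.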

8. Performance Optimization

  • Use GPU acceleration:
    john --format=nt-opencl hashes.txt

  • Run benchmarks:
    john --test

9. Ethical Considerations

  • Obtain explicit permission before cracking.
  • Use for authorized security assessments only.
  • Avoid storing sensitive hashes insecurely.

Conclusion

John the Ripper is an essential tool for ethical hackers and security enthusiasts. By mastering its basic and advanced features, you can strengthen password policies and security defenses.

Ready to crack the impossible? Try the techniques above and boost your security knowledge!