John the Ripper Tool | How to crack the Password of Files

john-the-ripper-password-cracker

In this blog, we will learn about one of the most important tools for Password cracking i.e. John the Ripper. We will see the basic syntax, advantages, disadvantages ad types of modes present in this tool. So let’s get started with the blog.

Introduction to John the Ripper

John the Ripper is a popular password-cracking tool used by security professionals and penetration testers. It is designed to test the strength of password hashes by using various cracking techniques, such as brute force, dictionary attacks, and rainbow table-based attacks.

The tool was originally developed in 1996 by Solar Designer and has since become one of the most widely used password-cracking tools in the cybersecurity community. It supports a wide range of hash types and encryption algorithms, including popular ones like MD5, SHA1, SHA-256, and more.

John the Ripper operates by taking password hashes from a target system or file and then attempting to crack them using different methods.

Brute-force attacks involve systematically trying every possible combination of characters until the correct password is found. Dictionary attacks use a list of commonly used passwords or words from a dictionary file to guess the password.

Rainbow table attacks use precomputed tables to speed up the cracking process.

John the Ripper is a command-line tool and is available for various operating systems, including Windows, Linux, and macOS. It also has a graphical user interface (GUI) called Johnny that provides a more user-friendly experience.

It’s important to note that John the Ripper should only be used for legal and ethical purposes, such as testing the security of your own systems or with proper authorization. Using it to crack passwords without permission is illegal and unethical.

Installation

To install John the Ripper tool, use the below command.

$ sudo apt-get install john

Advantages

John the Ripper offers several advantages as a password-cracking tool:

Flexibility:

John the Ripper supports a wide range of hash types and encryption algorithms, making it versatile and capable of cracking passwords in various formats.

Customizability:

The tool allows users to configure and customize the cracking process according to their specific needs. You can adjust parameters like the character sets, password length, and cracking techniques to optimize the cracking speed and efficiency.

Performance:

John the Ripper is known for its speed and efficiency in cracking passwords. It employs parallel processing and optimization techniques to maximize the cracking speed, especially when running on systems with multi-core CPUs or GPUs.

Comprehensive Attack Techniques:

The tool offers different attack modes, including brute-force, dictionary attacks, and rainbow table-based attacks. This versatility enables users to employ different strategies based on the available information and their specific requirements.

Password Complexity Analysis: John the Ripper can provide insights into the weaknesses of password security within a system. Analyzing the cracked passwords, it can help identify patterns, common pitfalls, and areas where password policies may need improvement.

Open Source:

John the Ripper is an open-source tool, which means its source code is publicly available. This allows security researchers and developers to examine the code, contribute improvements, and verify the tool’s security and integrity.

Community Support:

John the Ripper has a large and active user community. This means there are forums, mailing lists, and online resources available where users can seek help, share knowledge, and stay updated on the latest developments related to the tool.

It’s worth noting that while John the Ripper has advantages as a password-cracking tool, it should always be used responsibly and legally, with proper authorization and consent.

Disadvantages

While John the Ripper is a powerful and widely-used password-cracking tool, it also has some limitations and potential disadvantages:

Hardware Requirements:

Cracking passwords efficiently requires significant computational power. While John the Ripper is designed to utilize multi-core CPUs and GPUs, the cracking speed may still be limited by the available hardware resources. Cracking complex passwords can be resource-intensive and may require high-performance systems.

Limited Effectiveness against Strong Passwords:

Strong passwords that are long, complex, and unique can be extremely difficult to crack using any password-cracking tool, including John the Ripper. If users follow best practices and choose strong passwords, the tool’s effectiveness may be reduced significantly.

Dependency on Password Hashes:

It relies on obtaining password hashes from the target system or file. If the hashes are not accessible or the system uses additional security measures like salted hashes or encryption, the tool’s effectiveness may be limited.

Legal and Ethical Considerations:

The use of password-cracking tools like John the Ripper can have legal implications. Using it without proper authorization or in an unauthorized manner is illegal and unethical. It’s important to always adhere to legal boundaries and obtain proper consent before using such tools.

The syntax for John the Ripper

$ john file_name.txt --format=format_type

Types of Mode in John the Ripper Tool

These modes determine the strategies and techniques used by the tool to attempt password cracking. Here are some of the common modes:

A) Single Crack Mode:

In this mode, John the Ripper takes a single password hash and applies different cracking techniques to try and find the corresponding password. It uses a combination of methods such as brute force, dictionary attacks, and rule-based attacks to crack the password.

So, in secret_key.txt file I have stored some hash key.

┌──(kali㉿kali)-[~]
└─$ cat secret_key.txt 

 25d55ad283aa400af464c76d713c07ad
                                  

Now, its time to decrypt it with the tool.

┌──(kali㉿kali)-[~]
└─$ john secret_key.txt --format=Raw-MD5       
Using default input encoding: UTF-8
Loaded 1 password hash (Raw-MD5 [MD5 256/256 AVX2 8x3])
Warning: no OpenMP support for this hash type, consider --fork=2
Proceeding with single, rules:Single
Press 'q' or Ctrl-C to abort, almost any other key for status
Almost done: Processing the remaining buffered candidate passwords, if any.
Proceeding with wordlist:/usr/share/john/password.lst
12345678         (?)     
1g 0:00:00:00 DONE 2/3 (2023-06-09 05:07) 1.562g/s 600.0p/s 600.0c/s 600.0C/s 123456..larry
Use the "--show --format=Raw-MD5" options to display all of the cracked passwords reliably
Session completed. 

Here, you can see tool had decrypted the hash which is 12345678.

So, in single_mode.txt file I have stored some hash key.

┌──(kali㉿kali)-[~]
└─$ cat single_mode.txt

0cd698a0503946a852f2f81cc7d63ee3

Now, its time to decrypt it with the tool.

┌──(kali㉿kali)-[~]
└─$ john -single single_mode.txt --format=Raw-MD5 
Using default input encoding: UTF-8
Loaded 1 password hash (Raw-MD5 [MD5 256/256 AVX2 8x3])
Warning: no OpenMP support for this hash type, consider --fork=2
Press 'q' or Ctrl-C to abort, almost any other key for status
Warning: Only 2 candidates buffered for the current salt, minimum 24 needed for performance.
Warning: Only 16 candidates buffered for the current salt, minimum 24 needed for performance.
kali123          (kali)     
1g 0:00:00:00 DONE (2023-06-09 05:14) 2.500g/s 1560p/s 1560c/s 1560C/s Kali39..kali123
Use the "--show --format=Raw-MD5" options to display all of the cracked passwords reliably
Session completed. 

Here, you can see tool had decrypted the hash which is kali123.

Wordlist Mode:

This mode, also known as dictionary attack mode, uses a pre-generated list of words, commonly known as a wordlist or dictionary file. John the Ripper systematically tries each word in the list as a potential password to crack the hash. Users can provide their own wordlists or use existing ones available in John the Ripper’s default directory.

Incremental Mode:

In incremental mode, John the Ripper generates password candidates by systematically iterating through a defined character set and length. It starts with a minimum password length and progressively increases the length, trying all possible combinations until it finds a match.

External Mode:

This mode allows users to leverage external programs or scripts to generate password candidates. Users can define their custom password generation algorithms and integrate them with John the Ripper using the external mode.

These are some of the common modes in John the Ripper, and they offer different strategies and techniques for cracking password hashes. Users can select and configure the appropriate mode based on the target system, available information, and the desired cracking approach.

Recent Articles on Linux

  1. What is Linux Operating System | Introduction to Linux
  2. Directory in Linux Define | Linux Directory & its Commands
  3. Explain the chmod command in Linux | Linux chmod command
  4. Linux User Management || User Management in Linux
  5. Linux Computer Network Advanced Command | Network Command
  6. Redirection in Linux I/O| Linux I/O Redirection
  7. CronTab and Job Scheduling in Linux | Make CronTab Project
  1. Continue and Break Statement in Python
  2. Definition of Strings in Python with its Examples
  3. Numbers in Python | Introduction to Numbers in Python
  4. Loop in Python | Different Types of Loop in Python
  5. Sets in Python | Python Sets and Operations performs on them
  6. Conditional Statements in Python (With Examples)
  7. File Handling in Python and Operations performed on File Handling
  8. What are Dictionary in Python | Dictionary in Python, advantages
  9. Variables and Typecasting in Python || Variables in Python

By Vivek Maurya

Write blogs related to Ethical hacking, Computer networks, Linux, Penetration testing and Web3 Security.

Leave a Reply

Your email address will not be published. Required fields are marked *