Password Cracking using John the Ripper

John the Ripper also called as John is an open source tool that can be used for password cracking or security auditing.

This tool comes inbuilt in Kali Linux but you can also install it on ubuntu or any other debian based distro using the command-

‘apt-get install john’

John the Ripper can crack various types of hashes like-

• Traditional DES-based
• bigcrypt
• BSDI extended DES-based
• FreeBSD MD5-based (linux and Cisco IOS)
• OpenBSD Blowfish-based
• Kerberos/AFS
• Windows LM (DES-based)
• DES-based tripcodes
• SHA-crypt hashes (newer versions of Fedora and Ubuntu)
• SHA-crypt and SUNMD5 hashes (Solaris)

But in this article we will learn to crack MD5, SHA1, SHA256 hashes. To crack some hashes we will need to generate some of them.You can download or create some hashes online or you can use the python programs given below to create MD5, SHA1, SHA256 hashes.

Create MD5 Hash-

import hashlib
x=str(input("Enter String to Encrypt:"))
print("Encrypted String is:")
print(hashlib.md5(x.encode()).hexdigest())

Create SHA1 Hash-

import hashlib
x=str(input("Enter String to Encrypt:"))
print("Encrypted String is:")
print(hashlib.sha1(x.encode()).hexdigest())

Create SHA256 Hash-

import hashlib
x=str(input("Enter String to Encrypt:"))
print("Encrypted String is:")
print(hashlib.sha256(x.encode()).hexdigest())

There are 3 main methods that John the Ripper uses to crack hashes.

1. Default (Single Crack Mode)
2. Brute Force(Incremental Mode)
3. Wordlist(Wordlist Mode)

1.Single Crack Mode-

To try this single crack mode you should first generate a hash using the above given programs and then save the hash in a text file.

If you have created MD5 hash then it can be cracked using the single crack mode by using the command-

john —format=raw-md5 <password.txt>

If you have created SHA1 hash then it can be cracked using the single crack mode by using the command-

john —format=raw-sha1 <password.txt>

If you have created SHA256 hash then it can be cracked using the single crack mode by using the command-

john —format=raw-sha256 <password.txt>

Here you have to replace <password.txt> by the name of the text file in which you have stored the hash.

2.Brute Force(Incremental Mode)

This is the strongest method.In this all combinations of number, alphabets and special characters are tried.

We should always start to crack using the single crack mode.If John it unable to crack it using the single crack mode then it would automatically move to the Incremental Mode i.e Brute Force.

Here we can see that the password was not cracked by the single crack mode and the default wordlist so John automatically proceeded using the Incremental Method.

3.Wordlist(Wordlist Mode)

In this mode we can set a specific wordlist of our choice which would contain a set of plain texts. These would be automatically hashed and compared with our hash(stored in the text file) by John.

The command to specify your own wordlist is-

john --wordlist=/usr/share/wordlists/rockyou.txt --format=raw-sha1 <password.txt>

Here we have used the rockyou.txt wordlist which is inbuilt in Kali Linux and contains about 14 Million commonly used passwords in plain text but you can use any wordlist you want by simply giving its path after the — wordlist.

This command given above will crack SHA1 hashes.To crack MD5 or SHA256 hashes simply replace the SHA1 in the above by MD5 or SHA256.