How To Use John The Ripper Windows

Nosotros learned well-nigh of the bones data on John the Ripper in our Previous Commodity which tin be found hither. In this article, we will apply John the Ripper to crack the countersign hashes of some of the file formats similar zip, rar, pdf and much more.

To crack these password hashes, we are going to apply some of the inbuilt and another utilities which extract the password hash from the locked file. There are some utilities that come up inbuilt with John which tin can be found using the following command.

locate *2john

Every bit you can run into that we have the following utilities, we will demonstrate some of them here.

Cracking the SSH Countersign Hash

John the Ripper can crack the SSH private key which is created in RSA Encryption. To test the keen of the individual fundamental, outset, we will have to create a prepare of new private keys. To practise this we will use a utility that comes with ssh, called "ssh-keygen".

ssh-keygen

After opening, it asks for the location at which nosotros want the public/individual RSA central pair to store? You lot can use any location or yous tin leave it as default.

After that it asks for the passphrase, afterwards entering the password again, nosotros successfully generate the RSA private fundamental. (Refer the image)

When yous volition endeavor to open the file, yous will exist greeted by the post-obit prompt.

Now John cannot directly cleft this key, first, we will have to modify its format, which tin can be done using a john utility called "ssh2john".

Syntax: ssh2john [location of primal]

ssh2john /dwelling/pavan/.ssh/id_rsa > crevice.txt

You can see that we converted the fundamental to a crackable hash and so entered it into a text file named id_rsa.txt.

Now let's use John the Ripper to crack this hash.

john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa.txt

Great! Nosotros have successfully cracked the passphrase used to create the private ssh fundamental to be "password123"

Cracking the KeepPass2 Password Hash

John the Ripper tin can crevice the KeepPass2 key. To test the cracking of the fundamental, offset, nosotros volition accept to create a prepare of new keys. To do this nosotros will use a utility that is called "kpcli".

kpcli

Now we will create a database file using the control "save as" and naming the database file as ignite.kdb and entering a passcode to secure it.

When y'all will try to open the file, you will be greeted by the following prompt.

Now John cannot directly crack this cardinal, first, we will have to change its format, which can be done using a john utility called "keepass2john".

Syntax: keepass2john [location of key]

keepass2john ignite.kdb > crack.txt

Now let's utilise John the Ripper to crack this hash.

john --wordlist=/usr/share/wordlists/rockyou.txt crevice.txt

Great! Nosotros accept successfully cracked the passphrase used to create the central to be "12345678"

Cracking the RAR Password Hash

At present we will crack some compressed files, to practice that nosotros volition accept to create a file to be compressed so allow'due south do that using repeat command as shown in the given screenshot.

You can see that nosotros created a file.txt which nosotros volition be using to create compressed files.

repeat hackingarticles.in > file.txt

John the Ripper can crack the RAR file passwords. To test the cracking of the countersign, start, permit's create a compressed encrypted rar file.

rar a -hpabc123 file.rar file.txt

a = Add files to archive
hp[password] = Encrypt both file data and headers

This volition compress and encrypt our file.txt into a file.rar. So, when you will endeavor to open the file, you will be greeted by the following prompt.

Now John cannot directly crack this key, outset, we volition have to change it format, which tin can exist done using a john utility called "rar2john".

Syntax: rar2john [location of primal]

rar2john file.rar > crack.txt

At present allow's employ John the Ripper to crack this hash.

john --wordlist=/usr/share/wordlists/rockyou.txt crevice.txt

Nifty! We have successfully cracked the passphrase used to create the key to be "abc123"

Swell the ZIP Countersign Hash

John the Ripper can crack the ZIP file passwords. To test the dandy of the password, first, allow'south create a compressed encrypted zip file.

zip -er file.nada file.txt

east = Encrypt
r = Recurse into directories

This volition compress and encrypt our file.txt into a file.nada. So, when you will try to open the file, you will be greeted by the following prompt.

Now John cannot directly scissure this key, first, we will accept to change its format, which can be done using a john utility called "zip2john".

Syntax: zip2john [location of key]

zip2john file.cipher > scissure.txt

Now let's utilize John the Ripper to fissure this hash.

john --wordlist=/usr/share/wordlists/rockyou.txt scissure.txt

Dandy! We have successfully cracked the passphrase used to create the key to exist "654321"

Cracking the vii-Null Countersign Hash

John the Ripper tin cleft the seven-Zip file passwords. To test the cracking of the countersign, first, let's create a compressed encrypted 7z file.

7z a -mhe file.7z file.txt -p"password"

a = Add files to archive
g = Set compression Method
h = Calculate hash values for files
e = Encrypt file
p = set Password

This will compress and encrypt our file.txt into a file.7z. So, when you will try to open up the file, you volition be greeted past the following prompt.

Now John cannot straight cleft this primal, outset, nosotros volition alter its format, which can be washed using a john utility called "7z2john". This is not inbuilt utility, Information technology can be downloaded from here.

Syntax: zip2john [location of cardinal]

python 7z2john.py file.7z > cleft.txt

Now let's utilise John the Ripper to crack this hash.

john –wordlist=/usr/share/wordlists/rockyou.txt cleft.txt

Bang-up! We have successfully cracked the passphrase used to create the key to be "countersign"

Great the PDF Password Hash

John the Ripper can cleft the PDF file passwords. You tin can encrypt your pdf online by using this website. This will compress and encrypt our pdf into a countersign protected file.pdf. So, when you will try to open the file, you will be greeted past the post-obit prompt.

At present John cannot directly crack this central, offset, nosotros will have to alter its format, which can be done using a john utility called "pdf2john". This is not an inbuilt utility, it tin can exist downloaded from here.

Syntax: pdf2john [location of key]

python pdf2john.py file.pdf > crack.txt

Now let's use John the Ripper to crack this hash.

john –wordlist=/usr/share/wordlists/rockyou.txt fissure.txt

Great! We accept successfully croaky the passphrase used to create the fundamental to be "password123".

Cracking the PuTTY Password Hash

John the Ripper can crevice the PuTTY private fundamental which is created in RSA Encryption. To examination the cracking of the individual key, first, we volition take to create a set of new individual keys. To do this we volition utilize a utility that comes with PuTTY, chosen "PuTTY Key Generator".

Click on "Generate". Later Generating the cardinal, we get a window where we will input the cardinal passphrase every bit shown in the image.

After inbound the passphrase, click on Save private key to go a private key in the form of a .ppk file

Afterwards generating transfer this .ppk file to Kali Linux.

Now John cannot straight crevice this cardinal, first, we will have to alter its format, which can be done using a john utility chosen "putty2john".

Syntax: putty2john [location of key]

putty2john file.ppk > scissure.txt

You lot tin see that we converted the key to a crackable hash and then entered it into a text file named crack.txt.

Now let'due south utilise John the Ripper to crack this hash.

john –w=/usr/share/wordlists/rockyou.txt crack.txt

Smashing! Nosotros have successfully cracked the passphrase used to create the individual PuTTY key to exist "password".

Cracking the "Password Safe" Password Hash

John the Ripper can crack the Password Safe Software's primal. To exam the cracking of the fundamental, commencement, we volition take to create a ready of new keys. To do this we will install the Password Safe Software on our Windows 10 System.

To go a new central, Click on "New"

In this prompt, check the Show Combination Box. Later on that Enter the passphrase yous desire to employ to generate the key. This will generate a .psafe3 file.

After generating transfer this .safe3 file to Kali Linux.

Now John cannot direct crack this cardinal, commencement, nosotros will have to change its format, which can be done using a john utility called "pwsafe2john".

Syntax: pwsafe2john [location of central]

pwsafe2john ignite.psafe3 > scissure.txt

You can meet that nosotros converted the key to a crackable hash and then entered it into a text file named crack.txt.

Now let'southward apply John the Ripper to scissure this hash.

john –w=/usr/share/wordlists/rockyou.txt fissure.txt

Great! We accept successfully cracked the passphrase used to create the private pwsafe key to exist "password123"

Writer: Pavandeep Singh is a Technical Author, Researcher and Penetration Tester Contacthere