John the ripper
John the ripper
korg | 19120 Reads | I'm writing this tutorial on john the ripper to help people understand it better. First thing to note is jtr is run in dos mode, Got lots of pm's that people can't get it to work when they click on it. No Clicking! First let's download jtr:http://www.openwall.com/john/ Unix=tar.gz windows=binaries,zip. We are going to use windows on this one,so unzip the file to harddrive.
Good next we need to load some wordlists for cracking, Here are a few to use: cain and abel wordlists http://www.theargon.com/achilles/wordlists/ Google wordlist,dictionary files. For this tut our wordlist will be wordlist.txt
Next we need the hash we'll use 32b1b6b90608cc6ebcdef12e2bec9282. Set this up in notepad, You need to define a name for your hash to crack. IE: admin:32b1b6b90608cc6ebcdef12e2bec9282. Now rename and save it to John\run. For this tut ours will be pass.txt
Ok let's crack, Open john, Start-run-cmd. Cd to john1701, cd to run. To check your files type dir this will list all your password files and wordlists for referrance
Here are the most basic commands to use:
Dictionary attack: John-386 -w:wordlist.txt pass.txt (you'll have more wordlists by now so change wordlist.txt to any dictionary file you have) Simple attack: john-386 si pass.txt Brute forcing: john-386 pass.txt john-386 -i:alpha pass.txt john-386 -i:digits pass.txt john-386 -i:all pass.txt Force cracking: john-386 -format:des pass.txt (replace des with the type of hash you are trying to crack bsdi,md5,lm)
Important to note john will not show you it's progress just hit the enter key to see where your at.
To stop cracking hit Ctrl-c. To resume at a later time type john-386 -restore, It will pick up where it left off.
To check your passwords that you've already done navigate to john.pot file on your harddrive (Not dos)
Hope this helps people get started in using jtr. There are more commands to use check your john-386.exe file and experiment.
Thanks for reading:
KORG
ghost 17 years ago
wo0t! This is a great artical. Great for the no0bs. I had to learn the hard way.. psst. /me crys. rofl!
AldarHawk 17 years ago
Yeah learning the hard way betters you SwiftNomad! :D I learnt this the hard way as well. Well Written…8/10
ghost 17 years ago
FYI:
-
If you're downloading all of the wordlists (http://www.theargon.com/achilles/wordlists/) I recommend using: https://addons.mozilla.org/firefox/201/
-
If u don't want to keep "CD'ing" into JTR's directory everytime you want to start it, then place it into ur system path, by going: CONTROL PANEL –> SYSTEM –> ADVANCED –> Environment Variables –> (Under System Variables) PATH [edit] –> ::Now add JTR's directory on the end of the path line, after the semicolon:: Now restart Windows, or just restard ur command prompt for the changes to take effect.
Yours truly, netfish
korg 17 years ago
Thanks for the comments guys. Netfish tried to keep this as basic as possible without confusing beginners, With to technical stuff like changing paths and such.
Flaming_figures 17 years ago
Alright, one question and comment. What are the diffs between all of them? (I know brute force and dict.) but what are like simple and forced? And good article, but maybe you should post that next to them.
ghost 17 years ago
could be made better adding few more option without making the thing complex… anyways…ok start for newbies
Frozen
korg 17 years ago
Again for people who can't read>>>This is for beginners to learn how to set it up and get started. If you don't understand the commands google them, As stated at the end There are more commands open the john.exe file and explore:angry: