John the Ripper for Dummies
John the Ripper for Dummies
John the Ripper is an extremely useful and bloody fast decryption tool that can be used for several types of hashes, today I will only cover DES being that it is the most common type.
A DES looks something along the lines of this lemur:anfoewnfona don’t bother to decrypt that, I made it up.
First off you notice that when you click on it, what happens? A command prompt flies by your face! Where’d it go? It’s an application known as command line, you must open it through cmd or terminal depending on your OS.
Cd to its directory and type the application name, take a look at the options you see there, this is how John works.
Take ALL DES hashes you want cracked and put them in the file passwd.txt . Once you have that you need a good wordlist. The best I know of are from The Argon List. http://www.theargon.com
Got a nice big one downloaded? Put it in Johns directory for convenience sakes.
Open up john. A simple way to crack them is the wordlist mode, enter the command
john -w:wordlisthere passfilehere > result.txt
this will use your word list and output the result to a text file in the same directory. Simple enough, fast, easy, and dang useful for some things!
If you get a no pass hashes loaded error them your password file isn’t configured properly.
Have fun with John!
Futility 16 years ago
Plenty of better articles written on this. What happens when the wordlist doesn't get the pass? What other commands are there for use in JTR? Maybe you should have gone into what the format of the hash means? It's called JTR for dummies, not 'how to crack DES hashes using a wordlist and JTR' But that's just my opinion- who knows, maybe you helped someone out?
ghost 16 years ago
Quoted From Lemur "If you get a no pass hashes loaded error them your password file isn't configured properly."
It can be the password is cracked. Which is stored inside the john.pot file.. ;)