John the Ripper Installation and Crack Password

John the Ripper is a free, most popular and open-source password cracking tool developed by Openwall. It was first developed for Unix operating system and now runs many operating systems including Unix, macOS, Windows, DOS, Linux, and OpenVMS. Its main purpose is to detact weak Passwords.

John the Ripper uses several cracking modes that crack hashed password. You can also use custom cracking mode using in-built compiler. John the Ripper uses dictionary attack and brute force attacks to crack the password.

In this article we will install John the Ripper software and use some useful commands to crack password.

Prerequisite

We assume you have already knows about Linux system and about Terminal and command line. We akso assume you have some basic knowledge about cracking, encryption and decryption of password.

Installation

There are many ways to install JohnTheRipper. Here we will use some of the easy ways to install. The easiest way to install JohnTheRipper is directly from command line. For that open Terminal by pressing shortcut CTRL+ALT+T and run the bellow command.

sudo apt install john

Now type john in Terminal and you will see bellow message.

Run the test mode

john --test

Or you can also download from Github and build. First let's build John the Ripper. Run the following command one bye one. First install required tools for the installation.

sudo apt-get install build-essential libssl-dev

Also install recommended software.

sudo apt-get install yasm libgmp-dev libpcap-dev libnss3-dev libkrb5-dev pkg-config libbz2-dev zlib1g-dev

Change working dirctory to ~/src folder.

cd ~/src

Download latest version of JohnTheRipper from GitHub.

git clone git://github.com/magnumripper/JohnTheRipper -b bleeding-jumbo john

Go to project dirctory.

cd ~/src/john/src

And build from code.

./configure && make -s clean && make -sj4

Test the installed build.

../run/john --test

Crack Ubuntu Password

Linux saves its password in /etc/shadow file. So run bellow command to get User password. This will take time depends on your system configuration and password strength.

sudo john /etc/shadow

If it successfully cracks password, then it will return with following response.

Crack hashed password

One use of John The Ripper is to decrypt the hashed password. For the simplicity, we used simple password. First create password.txt file and put user and hashed password in user:password format. And run the command:

john password.txt

If password is successfully cracked, then it will get bellow response:

You can also choose specific encryption method with --format option:

john -format=raw-md5 password.txt

Or use specific wordlist file with --wordlist option:

john --wordlist=wordlist.lst password.txt

Pass --show argument to get cracked password.

john password.txt --show

The password is also saved to ~/.john/john.pot file.

Crack password protected zip/rar file

The other example we use is to crack password protected zip/rar file. There is 2 executable file at location john/run/zip2john and john/run/rar2john in John the Ripper programme. To crack the password protected zip file, execute zip2john file with 2 argument as bellow:

./zip2john ../zip-file.zip ../saved-file.txt

The first ../zip-file.zip is the location of the password protected zip file and ../saved-file.txt is the file where password will be saved. Similarly for rar file, use ./rar2john command to crack password for rar file.

After getting password at saved-file.txt file, crack hashed password with bellow command.

john –format=zip/rar saved-file.txt

And you will get cracked password.

Conclusion

In the last, I will only tell that this is just basic example of cracking password. There are many ways to crack password using many software. Try to search more ways and more software searching from internet.