Category: John the Ripper

All about John!

Brute-force, Cracking, John the Ripper

Crack RAR passwords – Bruteforcing

1> Open your kali Distribution 2> Extract password hash from your rar file: /usr/share/metasploit-framework/data/john/run.linux.x64.mmx/rar2john Desktop/myfile.rar > Desktop/myrarfile.hash/usr/share/metasploit-framework/data/john/run.linux.x64.mmx/rar2john Desktop/myfile.rar > Desktop/myrarfile.hash 3> Try to crack rar file password by bruteforcing it with john and its default passwords list. john Desktop/myrarfile.hashjohn Desktop/myrarfile.hash John Homepage: http://www.openwall.com/john/

Brute-force, Cracking, John the Ripper

Crack linux passwords – Bruteforce

> Open your kali distribution where john the ripper is already installed. > Assuming you have a copy of a passwd file and a copy of a shadow file. > Unshadow files: /usr/sbin/unshadow /path/to/file/passwd /path/to/file/shadow > /tmp/passwords2crack/usr/sbin/unshadow /path/to/file/passwd /path/to/file/shadow > /tmp/passwords2crack > Crack passwords with john by bruteforcing them. john /tmp/passwords2crack –showjohn /tmp/passwords2crack –show or …

Brute-force, Cracking, John the Ripper

Crack zip passwords – Bruteforcing

1> Open your kali Distribution 2> Extract password hash from your zip file: /usr/share/metasploit-framework/data/john/run.linux.x64.mmx/zip2john Desktop/myfile.zip > Desktop/myzipfile.hash/usr/share/metasploit-framework/data/john/run.linux.x64.mmx/zip2john Desktop/myfile.zip > Desktop/myzipfile.hash 3> Try to crack password by bruteforcing it using john and its default passwords lists. john Desktop/myzipfile.hashjohn Desktop/myzipfile.hash John Homepage: http://www.openwall.com/john/ Usage: john [OPTIONS] [PASSWORD-FILES]john [OPTIONS] [PASSWORD-FILES] Options: –config=FILE use FILE instead of john.conf or …

Cracking, John the Ripper, Metasploit, MySQL

Cracking MySQL passwords with John The Ripper

Dump MySQL Password Hashes mysql_hashdump extracts the usernames and encrypted password hashes from a MySQL server. You can then use jtr_mysql_fast module to crack them. The module is located in auxiliary/scanner/mysql. To use it set RHOSTS option to your target’s ip address and increase THREADS value. If you have managed to reveal root password then …

Cracking, John the Ripper, Passwords

How to crack passwords with John the ripper

John the Ripper – is free and Open Source. You can find some passwords lists: here, here and here. To provide a wordlist to john you can do it with –wordlist argument like this: –wordlist=password.lst Suppose that you have a file passwords.txt like this: george:827ccb0eea8a706c4c34a16891f84e7b thanos:202cb962ac59075b964b07152d234b70 If you have installed john already, issue the folowing …