John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It is one of the most popular password testing and breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker.
It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others.
Download - Install JTR
Download one of the latest official free versions of JTR from the official site. Next, extract the .tar.gz file by typing the following command:
Code:
tar -xzf john-1.7.8.tar.gz
Code:
root@stoker:~# john
John the Ripper password cracker, version 1.7.8
Copyright (c) 1996-2011 by Solar Designer
Homepage: http://www.openwall.com/john/
Usage: john [OPTIONS] [PASSWORD-FILES]
--single "single crack" mode
--wordlist=FILE --stdin wordlist mode, read words from FILE or stdin
--rules enable word mangling rules for wordlist mode
--incremental[=MODE] "incremental" mode [using section MODE]
--external=MODE external mode or word filter
--stdout[=LENGTH] just output candidate passwords [cut at LENGTH]
--restore[=NAME] restore an interrupted session [called NAME]
--session=NAME give a new session the NAME
--status[=NAME] print status of a session [called NAME]
--make-charset=FILE make a charset, FILE will be overwritten
--show show cracked passwords
--test[=TIME] run tests and benchmarks for TIME seconds each
--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) only
--groups=[-]GID[,..] load users [not] of this (these) group(s) only
--shells=[-]SHELL[,..] load users with[out] this (these) shell(s) only
--salts=[-]COUNT load salts with[out] at least COUNT passwords only
--format=NAME force hash type NAME: DES/BSDI/MD5/BF/AFS/LM/crypt
--save-memory=LEVEL enable memory saving, at LEVEL 1..3
Options may be specified along with password files or on their own. All options are case sensitive, can be abbreviated as long as the abbreviations are unambiguous, can be prefixed with two dashes (GNU-style) or with one dash, and can use "=" or ":" to indicate an argument.
Enables the "single crack" mode, using rules from the configuration file section.
--single
Code:
john --single file_to_crack.txt
Code:
john --wordfile:password.lst file_to_crack.txt
--rules
Enables the "incremental" mode, a brute-force search whose candidates are defined by the selected MODE (for example alpha or digits).
--incremental[=MODE]
Code:
john --incremental:alpha file_to_crack.txt
john --incremental:digits file_to_crack.txt
--restore[=NAME]
Code:
john --restore:restore
In this part of the tutorial we will create and crack a hash .txt file containing some passwords (LM/NTLM hash format).
First, let's create the .txt file to crack.
Code:
root@stoker:~# nano crack_Hash_id1.txt
Code:
Editor::A4A54C86C6E5B8D0D69E92D4A9360EB0:FC4CB75BCC71D23954F4C94AD31AF0B1:::
Code:
root@stoker:~# john crack_Hash_id1.txt
Loaded 2 password hashes with no different salts (LM DES [128/128 BS SSE2-16])
ATSIS (Editor:2)
FOTISLI (Editor:1)
guesses: 2 time: 0:00:00:50 (3) c/s: 20094K trying: FOTILVY - FOTIBFA
Warning: passwords printed above might be partial
Use the "--show" option to display all of the cracked passwords reliably
Code:
root@stoker:~# john --show crack_Hash_id1.txt
Editor:FOTISLIATSIS::FC4CB75BCC71D23954F4C94AD31AF0B1:::
2 password hashes cracked, 0 left
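The run above loads the single Editor line as two hashes (Editor:1 and Editor:2) because an LM hash is two independently hashed 7-character halves, which is also why the first output can be partial. The Python below is an added example, not part of the original tutorial or of John the Ripper: it parses the same pwdump-style line, flags accounts that still have an LM hash stored, and joins the halves the way --show does. The function names and the Backup account are constructed for illustration.

```python
# Added example: audit pwdump-style lines (user:uid:LM:NT:::) for stored LM hashes.
EMPTY_LM_HALF = "AAD3B435B51404EE"   # LM value of an empty 7-character half

def parse_pwdump_line(line):
    """Split one pwdump-style line into user, the two LM halves and the NT hash."""
    fields = line.strip().split(":")
    if len(fields) < 4:
        raise ValueError("expected user:uid:LM:NT:::")
    user, _uid, lm, nt = fields[:4]
    lm = lm.upper()
    if len(lm) != 32 or any(c not in "0123456789ABCDEF" for c in lm):
        raise ValueError("LM field is not 32 hex digits")
    # LM hashes each 7-character half of the upper-cased password separately,
    # which is why john loads one line as two hashes (Editor:1 and Editor:2).
    return {"user": user, "lm_halves": (lm[:16], lm[16:]), "nt": nt.upper()}

def lm_findings(entry):
    """Return the audit findings for one parsed entry (empty list = nothing to fix)."""
    first, second = entry["lm_halves"]
    if first == EMPTY_LM_HALF and second == EMPTY_LM_HALF:
        return []                      # no LM hash stored (or a blank password)
    findings = ["LM hash stored"]
    if second == EMPTY_LM_HALF:
        findings.append("password is 7 characters or fewer")
    return findings

def join_halves(cracked):
    """Join per-half results keyed 1 and 2, as `john --show` does."""
    return cracked.get(1, "") + cracked.get(2, "")

# The line from the tutorial, plus one constructed account without an LM hash.
# The Backup NT value is a constructed placeholder, not a real hash.
SAMPLE = [
    "Editor::A4A54C86C6E5B8D0D69E92D4A9360EB0:FC4CB75BCC71D23954F4C94AD31AF0B1:::",
    "Backup::AAD3B435B51404EEAAD3B435B51404EE:00112233445566778899AABBCCDDEEFF:::",
]

if __name__ == "__main__":
    for line in SAMPLE:
        entry = parse_pwdump_line(line)
        print(entry["user"], entry["lm_halves"], lm_findings(entry) or "ok")
    print(join_halves({1: "FOTISLI", 2: "ATSIS"}))
```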