John the Ripper Explained
How to Download John The Ripper
John the Ripper is a free, open-source project. You can download it for free from the Openwall website or from its official GitHub repository. Make sure you download the correct package for your OS.
If you are using Kali Linux, John should already be installed. You can find the path to the binary by running the locate command.
locate john
Getting Started
Once you have successfully downloaded and installed John, you can launch it by typing the name of the binary file at your command prompt, followed by a password file.
In the below example, passwordFile is a file that contains a list of password hashes that we want to crack.
./john passwordFile
This is the most basic command that you can use. Since we have not specified any parameter other than the password file, John will try to crack this file using the default options.
Although this is the simplest and easiest way to use John, it will not necessarily provide the desired results. For this, we have to specify additional options.
John’s Cracking Modes
When attempting to crack a password file using John the Ripper, the first thing you need to decide is how John should go about the cracking process.
John has three main cracking modes that you can choose from. Let’s see what each of these modes does.
Wordlist Mode
This is the most common way to use John the Ripper. In this mode, you specify the path to a wordlist file that contains a list of possible passwords. John hashes every word in that wordlist and checks whether the result matches one of the target hashes, i.e. whether the correct password is present in the list. This process is what is known as a Dictionary Attack.
It is important that the wordlist contains one password per line. Otherwise, John the Ripper will not process it correctly.
In the example below, I am using the '--wordlist' option to specify the path to the wordlist file, which is '/usr/share/wordlists/rockyou.txt'. If the correct password is in that file, John will display it.
./john --wordlist=/usr/share/wordlists/rockyou.txt passwordFile
* 'passwordFile' is the text file that contains the password hashes that we want to crack.
To increase the chances of finding a correct password, you can enable wordlist mode with mangling rules. With rules enabled, John slightly modifies each word in the wordlist (for example by changing case or appending characters). This produces new likely passwords that are not necessarily present in the wordlist, and thus increases your chances of finding the correct one.
To enable mangling rules, use the '--rules' option. Note, however, that this takes longer to run, since each rule generates extra candidates from every word in the wordlist.
Hash Formats
By default, John the Ripper detects the hash type and then tries to crack the password based on that type. However, John can sometimes misidentify the type, for instance when several hash types produce digests of the same length. In that case, it is better to bypass the automatic detection and specify the type manually. To do so, use the '--format' option followed by the hash type.
For example, the following command will crack the MD5 hashes contained in passwordFile:
./john --format=Raw-MD5 passwordFile
To get the list of all supported hash formats, you can run the following command:
./john --list=formats
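To make the three points above concrete (wordlist mode with one candidate per line, mangling rules, and why '--format' is needed when a digest length fits several hash types), here is an added Python example that is not part of the original article or of John the Ripper itself. It runs a miniature Raw-MD5 dictionary check against a constructed hash file and wordlist. The 'user:hash' layout, the user names, the plaintexts, the wordlist contents and the four toy rules are all assumptions made for this demo; the alternative format names in candidate_formats (NT, Raw-MD4, Raw-SHA1, Raw-SHA256) are John jumbo format names listed only to show the ambiguity that makes '--format' necessary.

```python
import hashlib
from typing import Callable, Dict, List, Optional

# --- Constructed sample input (not from the article) -------------------------
# A hash file in the "user:hash" layout. The digests are generated here from
# known plaintexts so the demo is self-checking; the users and passwords are
# made up for this example.
_PLAINTEXTS = {"alice": "password", "bob": "123456", "carol": "Summer1"}
SAMPLE_HASH_FILE = "".join(
    f"{user}:{hashlib.md5(pw.encode()).hexdigest()}\n"
    for user, pw in _PLAINTEXTS.items()
)

# A tiny wordlist: one candidate per line, with a blank line and trailing
# whitespace included to show why the "one password per line" rule matters.
SAMPLE_WORDLIST = "password\n123456\n\nsummer   \nwinter\n"

# Toy mangling rules in the spirit of John's --rules. Identity comes first so
# the unmodified wordlist is always tried as well.
RULES: List[Callable[[str], str]] = [
    lambda w: w,
    lambda w: w.capitalize(),
    lambda w: w + "1",
    lambda w: w.capitalize() + "1",
]


def load_wordlist(text: str) -> List[str]:
    """Parse a wordlist as exactly one candidate per line, dropping blank
    lines and surrounding whitespace (a stray space would otherwise become
    part of the candidate and the hash would never match)."""
    return [line.strip() for line in text.splitlines() if line.strip()]


def load_hash_file(text: str) -> Dict[str, str]:
    """Parse 'user:hash' lines into {user: lowercase hex digest}."""
    entries: Dict[str, str] = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        user, digest = line.split(":", 1)
        entries[user.strip()] = digest.strip().lower()
    return entries


def candidate_formats(digest: str) -> List[str]:
    """Guess John format names from digest length alone. Several formats share
    a 32-hex-char digest, so length-based auto-detection can pick the wrong
    one; that ambiguity is what --format resolves."""
    table = {
        32: ["Raw-MD5", "NT", "Raw-MD4"],
        40: ["Raw-SHA1"],
        64: ["Raw-SHA256"],
    }
    if digest and all(c in "0123456789abcdef" for c in digest.lower()):
        return table.get(len(digest), [])
    return []


def dictionary_attack(hash_file: str, wordlist: str,
                      use_rules: bool = False) -> Dict[str, Optional[str]]:
    """Raw-MD5 dictionary check: hash every candidate (optionally mangled) and
    look the digest up in the loaded hash file. Because the digests are
    unsalted, one MD5 computation per candidate is compared against every
    user at once, which is what makes raw MD5 so cheap to crack."""
    targets = load_hash_file(hash_file)
    by_digest: Dict[str, List[str]] = {}
    for user, digest in targets.items():
        by_digest.setdefault(digest, []).append(user)  # shared passwords share a digest
    found: Dict[str, Optional[str]] = {user: None for user in targets}
    rules = RULES if use_rules else RULES[:1]
    for word in load_wordlist(wordlist):
        for rule in rules:
            candidate = rule(word)
            digest = hashlib.md5(candidate.encode()).hexdigest()
            for user in by_digest.get(digest, []):
                if found[user] is None:
                    found[user] = candidate
    return found


if __name__ == "__main__":
    first_digest = next(iter(load_hash_file(SAMPLE_HASH_FILE).values()))
    print("formats consistent with digest length:", candidate_formats(first_digest))
    print("plain wordlist:", dictionary_attack(SAMPLE_HASH_FILE, SAMPLE_WORDLIST))
    print("with rules:    ", dictionary_attack(SAMPLE_HASH_FILE, SAMPLE_WORDLIST, use_rules=True))
```

Run as a script, it shows that 'alice' and 'bob' fall to the plain wordlist, while 'carol' is only recovered once the capitalize-and-append rule turns 'summer' into 'Summer1', mirroring what '--rules' does to a real wordlist. The defender's takeaway is in dictionary_attack: with unsalted fast hashes each candidate is hashed once and checked against every account, which is exactly the cost model that per-user salts and slow password hashes (bcrypt, scrypt, Argon2) are designed to remove.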
You now have all the basics that you need to start cracking passwords using John the Ripper.