top of page

Basics - How to use John The Ripper

John the ripper was used for the machine Vaccine (tier 2 starting point). In this example we have a zip file that is locked with a password that we don't know. We will use John The Ripper to crack the password


Open a new command prompt and change the directory to be in the same directory as where the backup.zip file is. So basically when you type ls you should see backup.zip


Let's first use zip2john to get the hash value


zip2john backup.zip > hash.txt

The hash value will be loaded into a new file called hash.txt


Type:

ls

You should now have backup.zip and a new file called hash.txt


cat hash.txt

This is the hash value




To find out how to use john, type

john -h

We can provide a wordlist by adding --wordlist=FILE


Let's locate the wordlist rockyou.txt

locate rockyou.txt

We find that it is located at /opt/useful/SecLists/Passwords/Leaked-Databases/rockyou.txt



john         --wordlist=/opt/useful/SecLists/Passwords/Leaked-Databases/rockyou.txt          hash.txt

This will load the wordlist and look for the hash value we just found and find the associated password for it.


Once the password is cracked, type:

john     --show     hash.txt

--show -----> show cracked password

The password is 741852963


1,037 views0 comments

Recent Posts

See All

Comments

Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page