top of page

Basics - How to use John The Ripper

John the ripper was used for the machine Vaccine (tier 2 starting point). In this example we have a zip file that is locked with a password that we don't know. We will use John The Ripper to crack the password

Open a new command prompt and change the directory to be in the same directory as where the file is. So basically when you type ls you should see

Let's first use zip2john to get the hash value

zip2john > hash.txt

The hash value will be loaded into a new file called hash.txt



You should now have and a new file called hash.txt

cat hash.txt

This is the hash value

To find out how to use john, type

john -h

We can provide a wordlist by adding --wordlist=FILE

Let's locate the wordlist rockyou.txt

locate rockyou.txt

We find that it is located at /opt/useful/SecLists/Passwords/Leaked-Databases/rockyou.txt

john         --wordlist=/opt/useful/SecLists/Passwords/Leaked-Databases/rockyou.txt          hash.txt

This will load the wordlist and look for the hash value we just found and find the associated password for it.

Once the password is cracked, type:

john     --show     hash.txt

--show -----> show cracked password

The password is 741852963

I also created a short YouTube video on how to use John The Ripper

1,071 views0 comments

Recent Posts

See All

Basics - Useful commands

If your shell is not stable use this command to make it more stable python3 -c 'import pty; pty.spawn(“/bin/bash”)'


Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page