How to use the command 'john' (with examples)
John the Ripper is a popular password-cracking tool used to crack password hashes. It supports various hash formats and can utilize wordlists and rules to crack passwords efficiently.
Use case 1: Crack password hashes
Code:
john path/to/hashes.txt
Motivation: In this use case, we use the ‘john’ command to crack password hashes stored in the specified file. This is useful when you have obtained password hashes through various means (e.g., from a compromised system) and want to crack them to gain access to user accounts.
Explanation:
john: The command itself.
path/to/hashes.txt: The path to the file containing the password hashes to crack.
Example output:
Loaded 10 password hashes with no different salts (NT [MD4 128/128 X2])
...
0 password hashes cracked, 10 left
Use case 2: Show passwords cracked
Code:
john --show path/to/hashes.txt
Motivation: After cracking password hashes, it is essential to verify the cracked passwords. This use case allows you to display the cracked passwords from the specified file containing the hashes.
Explanation:
--show: A flag that tells ‘john’ to display cracked passwords.
path/to/hashes.txt: The path to the file containing the password hashes.
Example output:
user1:password123
...
user10:p@ssw0rd
Use case 3: Display users’ cracked passwords by user identifier from multiple files
Code:
john --show --users=user_ids path/to/hashes* path/to/other/hashes*
Motivation: When working with multiple password hash files, this use case helps extract and display the cracked passwords associated with specific user identifiers. It allows you to organize and filter the results based on user accounts.
Explanation:
--show: A flag that enables displaying cracked passwords.
--users=user_ids: Specifies the user identifiers for which the cracked passwords should be displayed.
path/to/hashes*: The wildcard path pattern to multiple files containing password hashes.
Example output:
user1:password123
user2:passw0rd
...
user8:securepass
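For a password audit, the --show output from use cases 2 and 3 is usually reduced to a list of accounts that need a reset, without copying the recovered passwords into a report. The script below is an added example, not part of the original page or of John the Ripper; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn `john --show` output into a remediation list that
# holds account names and counts only, never the recovered passwords.

# cracked_accounts: read `john --show` output on stdin and print one account
# name per line. Only the first ':'-separated field is used, because a
# password may itself contain ':' and must not leak into the report.
cracked_accounts() {
    awk -F: '
        /^[0-9]+ password hash(es)? cracked, [0-9]+ left$/ { next }  # summary line
        NF >= 2 && $1 != "" { print $1 }                             # login field
    ' | LC_ALL=C sort -u
}

# audit_summary: read the same output and print "cracked=N left=M",
# taken from the summary line john prints at the end.
audit_summary() {
    awk '/^[0-9]+ password hash(es)? cracked, [0-9]+ left$/ {
        print "cracked=" $1 " left=" $(NF-1)
    }'
}

# Constructed sample in the shape shown above (not real data). The second
# line carries the extra passwd-style fields; the third has ':' in the password.
sample_show_output() {
    cat <<'EOF'
user1:password123
user2:passw0rd:1001:1001::/home/user2:/bin/bash
user10:p@ss:w0rd

3 password hashes cracked, 7 left
EOF
}

sample_show_output | cracked_accounts
sample_show_output | audit_summary
```

In a real audit the input would come from `john --show path/to/hashes.txt` instead of the sample function.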
Use case 4: Crack password hashes, using a custom wordlist
Code:
john --wordlist=path/to/wordlist.txt path/to/hashes.txt
Motivation: By providing a custom wordlist, you can improve the chances of cracking password hashes by using words likely to be part of users’ passwords or known password patterns.
Explanation:
--wordlist=path/to/wordlist.txt: Specifies the path to the custom wordlist file.
path/to/hashes.txt: The path to the file containing the password hashes.
Example output:
Loaded 10 password hashes with no different salts (NT [MD4 128/128 X2])
...
7 password hashes cracked, 3 left
Use case 5: List available hash formats
Code:
john --list=formats
Motivation: The ‘john’ command supports several hash formats. This use case provides a list of available hash formats that you can use when cracking password hashes.
Explanation:
--list=formats: This flag requests ‘john’ to list all the available hash formats.
Example output:
john formats:
Format Name | Format Description
------------------------------------------------
md5crypt | MD5 Crypt
sha512crypt | SHA512 Crypt
...
Use case 6: Crack password hashes, using a specific hash format
Code:
john --format=md5crypt path/to/hashes.txt
Motivation: When you know which hash format was used, you can specify it explicitly. ‘john’ then treats the hashes as that format instead of relying on auto-detection.
Explanation:
--format=md5crypt: Specifies the hash format (in this case, ‘md5crypt’) to use for cracking the password hashes.
path/to/hashes.txt: The path to the file containing the password hashes.
Example output:
Loaded 10 password hashes with no different salts (md5crypt [MD5 128/128 AVX 4x2])
...
10 password hashes cracked, 0 left
Use case 7: Crack password hashes, enabling word mangling rules
Code:
john --rules path/to/hashes.txt
Motivation: Word mangling rules allow you to apply various modifications to words from the wordlist, such as capitalization, appending common number sequences, or replacing characters. This increases the chances of cracking password hashes.
Explanation:
--rules: A flag that enables word mangling rules.
path/to/hashes.txt: The path to the file containing the password hashes.
Example output:
Loaded 10 password hashes with no different salts (NT [MD4 128/128 X2])
...
10 password hashes cracked, 0 left
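Because mangling rules cover capitalization, appended number sequences and character replacement, a password policy has to reject those variants too, not only the exact dictionary word. The check below is an added example, not part of the original page or of John the Ripper; it reverses those three manglings before comparing against a denylist. The function names and the four-word denylist are constructed for illustration.

```shell
#!/bin/sh
# Added example: password-set-time check that undoes the manglings named
# above, so that variants of a denylisted word are rejected as well.

# base_words: constructed denylist; a real deployment would use a large
# wordlist file instead.
base_words() {
    printf '%s\n' password summer welcome qwerty
}

# normalize: collapse a candidate password to its likely base word.
normalize() {
    printf '%s' "$1" |
        tr '[:upper:]' '[:lower:]' |   # undo capitalization
        sed -e 's/[0-9!]*$//' |        # drop appended digits and "!"
        tr '@4310$5' 'aaeioss'         # undo common character replacements
}

# is_weak: exit status 0 if the candidate reduces to a denylisted word,
# or to nothing at all (it consisted only of digits and "!").
is_weak() {
    base=$(normalize "$1")
    if [ -z "$base" ]; then
        return 0
    fi
    base_words | grep -Fxq -- "$base"
}

# The sample passwords from the example outputs on this page, plus one
# long passphrase that is not a mangled dictionary word.
for candidate in 'password123' 'p@ssw0rd' 'passw0rd' 'correct horse battery staple'; do
    if is_weak "$candidate"; then
        echo "reject: $candidate"
    else
        echo "accept: $candidate"
    fi
done
```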
Use case 8: Restore an interrupted cracking session from a state file
Code:
john --restore=path/to/mycrack.rec
Motivation: In cases where the cracking process is interrupted or stopped, you can resume the cracking session from a previously saved state file. This allows ‘john’ to continue where it left off instead of starting from scratch.
Explanation:
--restore=path/to/mycrack.rec: Specifies the path to the state file containing the saved progress.
Example output:
Restored 5 sessions, 5 hashes loaded (0.31 k/s)
...
Conclusion:
The ‘john’ command is a versatile password-cracking tool that provides various use cases to efficiently crack password hashes. Whether you need to crack hashes, display cracked passwords, or utilize custom wordlists and rules, ‘john’ offers the flexibility and functionality required in password security assessments.