John the Ripper

Interactive Educational Guide

By Martin Wambugu


Start Here: What is JtR & Password Hashing?

John the Ripper (JtR) is a powerful open-source password cracking tool used primarily to identify weak passwords. It operates by attempting to guess a password from its hash.

What is Password Hashing?

Password hashing is a security process where passwords are transformed using a one-way mathematical function into a fixed-length string. This process ensures:

  • Original passwords are not stored directly.
  • It's computationally infeasible to reverse the hash back to the original password.

John the Ripper works by:

  1. Taking a list of guessed passwords.
  2. Hashing them using the same algorithm.
  3. Comparing them to target password hashes.
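
The three steps above, written as a weak-password audit. This is an added example, not code from the original guide or from John the Ripper itself. The accounts, wordlist, helper names and the choice of unsalted MD5 versus salted PBKDF2-SHA256 are assumptions made for illustration; it also counts hash computations to show what a per-user salt costs the guesser.

```python
import hashlib
import os

# Constructed sample data: a short guess list and three accounts, two of
# which use passwords that appear in that list.
WORDLIST = ["123456", "letmein", "password123", "monkey"]
ACCOUNTS = {"alice": "letmein", "bob": "password123", "carol": "V7#qLr!2xZp9"}

def md5_hex(password):
    return hashlib.md5(password.encode()).hexdigest()

def pbkdf2_hex(password, salt, rounds=10_000):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds).hex()

def audit_unsalted(stored, wordlist):
    """Unsalted MD5: one hash per guess is checked against every account."""
    by_hash = {}
    for user, digest in stored.items():
        by_hash.setdefault(digest, []).append(user)
    weak, hashed = {}, 0
    for guess in wordlist:                      # step 1: take a guess
        digest = md5_hex(guess)                 # step 2: hash it
        hashed += 1
        for user in by_hash.get(digest, []):    # step 3: compare
            weak[user] = guess
    return weak, hashed

def audit_salted(stored, wordlist):
    """Per-user salt: the same guess must be re-hashed for each account."""
    weak, hashed = {}, 0
    for user, (salt, digest) in stored.items():
        for guess in wordlist:
            hashed += 1
            if pbkdf2_hex(guess, salt) == digest:
                weak[user] = guess
                break
    return weak, hashed

def demo():
    md5_store = {u: md5_hex(p) for u, p in ACCOUNTS.items()}
    salts = {u: os.urandom(16) for u in ACCOUNTS}
    salted_store = {u: (salts[u], pbkdf2_hex(p, salts[u])) for u, p in ACCOUNTS.items()}
    return audit_unsalted(md5_store, WORDLIST), audit_salted(salted_store, WORDLIST)

if __name__ == "__main__":
    print(demo())
```

On the sample data both audits flag alice and bob, but the unsalted store is covered with 4 hash computations while the salted store needs 9, each costing 10,000 PBKDF2 rounds.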

Disclaimer: This guide is strictly for educational purposes. Unauthorized access or password cracking is illegal. Always have explicit permission before testing any system.


JtR Command Simulator

(In the interactive version, users would select options to simulate cracking scenarios and commands.)

1. Choose a Scenario

Common cracking scenarios include:

  • Crack /etc/shadow Linux system passwords
  • Crack a single MD5 hash
  • Crack a password-protected ZIP file

2. Choose an Attack Mode

John supports various attack strategies:

Dictionary Attack

Uses a wordlist to test known passwords.

--wordlist=/usr/share/wordlists/rockyou.txt

Incremental Mode

Brute-forces all character combinations.

--incremental

Options (selected with --incremental=MODE):

  • Alnum: Alphanumeric characters
  • Alpha: Only letters
  • Digits: Numbers only

Single Crack Mode

Uses information in the hash file (e.g., usernames) as guesses.

--single

Rules-based Mode

Applies mutation rules to each word from the dictionary.

--wordlist=rockyou.txt --rules

3. Example: Generated Command

Scenario: Crack Linux hashes using a dictionary attack.

john --wordlist=/usr/share/wordlists/rockyou.txt my_hashes.txt

4. Simulated Terminal Output

Using default input encoding: UTF-8
Loaded 1 password hash (crypt, generic crypt(3) [?/64])
Cost 1 (algorithm [1:descrypt 2:md5crypt]) is 1234 for all loaded hashes
Press 'q' or Ctrl-C to abort, almost any other key for status
password123      (root)
1g 0:00:00:02 DONE (2025-06-03 11:37) 0.5000g/s 123.4p/s 123.4c/s 123.4C/s 123456..monkey
Session completed

Other Useful JtR Commands

Show Cracked Passwords

View already cracked passwords:

john --show [hash_file]

Restore an Interrupted Session

Resume a previously interrupted cracking session:

john --restore

Clean Up Saved Session

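Remove saved session files. John has no option that does this: --restore resumes a session and --no-log only disables the log file. Delete the session's .rec and .log files instead (kept under ~/.john/ on packaged installs). Cracked passwords are stored separately in john.pot, which john --show reads.

rm ~/.john/SESSION_NAME.rec ~/.john/SESSION_NAME.log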

Status Check (While Cracking)

Check the current status without stopping:

john --status


Final Note

Remember: ethical hacking is responsible hacking. Always stay within legal and professional boundaries. Use this guide only in controlled environments or with explicit authorization.


© 2025 cysecinnovation All rights reserved