
Thread: John The Ripper

  1. #1
    Just burned his ISO heng5150's Avatar
    Join Date
    Feb 2007
    Posts
    2

    Default John The Ripper

    I'm a noob to Linux and want to learn how to use John The Ripper. Please help

  2. #2
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by heng5150 View Post
    I'm a noob to Linux and want to learn how to use John The Ripper. Please help


    PLEASE NOTE THIS IS NOT MY WORK!!!

    I SPACED OUT THE : D BECAUSE OUR FORUM MAKES THOSE 2 CHARACTERS WHEN TOGETHER..A GRIN SMILEY!!!



    BTW This is for windows.........not Linux.
    John the Ripper is a decrypting program for passwords. Although it has many
    functions, we will be looking at using it as a decrypter for password files
    you possess.

    We will be looking at Password Files which you have put on your Hard Disk

    -----------------
    TABLE OF CONTENTS
    -----------------
    - PREPARATION
    SHORTCUT TIP FOR WINDOWS 95
    PASSWORD FILES
    - DECRYPTING
    JTR MODES
    SINGLE MODE
    WORDFILE MODE
    INCREMENTAL MODE
    ALPHA
    DIGITS
    ALL
    SHOW MODE - Saving the Decrypted Files
    - ADVANCED COMMANDS
    STOPPING JTR
    RULES
    SESSION and RESTORE
    - JTR QUICK REFERENCE
    - SCREEN SHOT OF A JTR SESSION

    --------------------


    -----------
    PREPARATION
    -----------
    1. Download the correct version of JTR, use win32 for Win 95/98
    2. Extract the zip File into a Directory
    3. Make sure you have your Password Files in the same directory

    ---------------------------
    SHORTCUT TIP FOR WINDOWS 95
    ---------------------------
    1. Right Click on the [Start] Button, and choose Open
    2. Double Click on [Programs] Folder
    3. Right Click and Copy, [MS-DOS Prompt]
    4. Close the [Programs] Folder
    5. Right Click and Paste on the Desktop, a [MS-DOS Prompt] should appear
    6. Right Click on the [MS-DOS Prompt] icon and choose Properties
    7. Click on the Program Tab
    8. In the box next to Working (it should have C:\WINDOWS in there), change
    it to the directory where the program JOHN.EXE has been
    extracted
    9. Click on the [OK] button
    10. Test what you have done by Double Clicking on the Icon, If you wish to
    rename [MS-DOS Prompt] to JTR, then do so

    --------------
    PASSWORD FILES
    --------------
    A. Naming
    I personally name my files with a p extension; some people use txt,
    e.g. if I had the password file to Dannis', I would name it danni.p
    The reason is that p stands for password file. I then name my decrypted
    password files with a txt extension
    It is really up to you what you name your password files, just remember
    that the names should be less than 8 characters
    e.g. likethis.p
    B. Where should I put them?
    Always have the password files you have found in the same directory as
    JOHN.EXE. It's just easier to handle them that way

    ----------
    DECRYPTING
    ----------
    Depending on what JTR version you have downloaded, you have to change into
    the directory JOHN.EXE is

    ---------
    JTR MODES
    ---------
    There are 3 main modes we will be dealing with
    -single, -wordfile, -incremental

    [KEYS]
    [passfile] - this is the name of your password file
    [wordlist] - this is the name of your wordlist
    [output] - this is the name of the file you will name when you want to
    save your decrypted passwords

    -----------
    SINGLE MODE
    -----------
    Single Mode attempts to find the weakest of all the passwords. This is one
    of the fastest methods.

    SINGLE MODE SYNTAX
    john -single [passfile]
    or you could use
    john -si [passfile]

    Example:
    If you found a [passfile] and named it danni.p then you would type
    john -si danni.p

    Take a look at SCREEN SHOT OF A JTR SESSION

    -------------
    WORDFILE MODE
    -------------
    Wordfile Mode is the next quickest method. It requires the use of a wordlist
    The wordlist must be in a single wordlist and not a combo list

    WORDFILE SYNTAX
    john -wordfile:[wordlist] [passfile]
    or
    john -w:[wordlist] [passfile]

    Example:
    If you found a [passfile] and named it danni.p and you had a [wordlist]
    named mydict.txt then you would type

    john -w:mydict.txt danni.p

    Take a look at SCREEN SHOT OF A JTR SESSION

    ----------------
    INCREMENTAL MODE
    ----------------
    Incremental mode is the slowest mode and will try to decrypt every pass in
    your passfile, as this can take days, months even years, I would use it as
    a last resort

    There are 4 basic commands we will be dealing with
    digits, alpha, all, and leaving it blank

    DIGITS mode
    This will try to decrypt all the Passwords that are in numbers

    ALPHA mode
    This will try to decrypt all the Passwords that are letters only

    ALL mode
    This will try to decrypt all the Passwords, whether they are in numbers, in
    letters or some special characters (@!^&...etc)

    WITH NO MODE SELECTED
    This will basically do everything to try to decrypt the password file

    SYNTAX
    john -i [passfile]
    john -i: DIGITS [passfile]
    john -i:ALPHA [passfile]
    john -i:ALL [passfile]

    Example:
    If you found a [passfile] and named it danni.p
    john -i danni.p
    john -i: DIGITS danni.p
    john -i:ALPHA danni.p
    john -i:ALL danni.p

    Take a look at SCREEN SHOT OF A JTR SESSION

    When running in this mode, If you ever want to stop it push CTRL - C

    --------------------------------------
    SHOW MODE - Saving the Decrypted Files
    --------------------------------------
    Finally, once JTR has finished its decrypting process, you will be ready
    to enjoy the results. These you will save in a file name of your choice.

    SHOW SYNTAX
    john -show [passfile]>[output]

    Example:
    If you found a [passfile] and named it danni.p, you decide you want to name the
    decrypted password file or [output] to danni.txt

    john -show danni.p>danni.txt

    Now you can open danni.txt in a TEXT EDITOR
    You will see something like this

    italia:italiano
    makoto:makotox
    PADWICK:PADWICKH
    kelley:kelleyaj
    bechtel:jbechtel
    mequery:queryme
    seeeee:meeeee
    stevewm:stevenm

    8 passwords cracked, 246 left

    Hopefully you will get more passwords than the example though


    -----------------
    ADVANCED COMMANDS
    -----------------
    Here are a few more commands which prove handy when using JTR

    ------------
    STOPPING JTR
    ------------
    If at anytime you wish to stop the decrypting process then
    Hold down the [ CTRL ] key and Push the [ C ] key

    -----
    RULES
    -----
    This command is used with the Wordfile Option, without it JTR will try only
    the words in your wordlist. When this is activated it will try variations as
    outlined in the john.ini file. This is also quite slow

    RULES SYNTAX
    john -w:[wordlist] -rules [passfile]

    ------------------
    SESSION & RESTORE
    ------------------
    Decrypting, by now you will notice, can become a long and slow process. JTR
    allows you to save and restore sessions. A session is like a snapshot
    of what you are decrypting. It remembers what file you used, and
    where you were at if you decide to stop it. Session can be used with any
    of the main modes.

    SESSION & RESTORE SYNTAX
    john -restore
    john -restore:[session name]
    john -session:[session name]

    [session name] is any name you choose

    EXAMPLE
    -------
    Lets say you want to decrypt a file named danni.p

    OK you've used the -si mode, which was quick
    With your trusty wordlist file named biglist.txt you next run the -w mode

    FINAL NOTES
    -----------
    There are many other features that JTR uses, that are Advanced, these can be
    found in the DOC folder in JTR, just use a text editor to open and read them
    We were only concerned with getting at least 50% of the passwords. This may
    be achieved by SINGLE and WORDFILE modes
    SPEED is dependent on your CPU. If your screen looks like it's frozen and
    doing nothing, just hit any key a couple of times, you will see a mini
    progress report.
    Speed is also dependent on the size of your password file and the number of
    salts. A salt can be thought of as a slightly different way to encrypt a
    file, as there are many ways to encrypt a single password


    -------------------
    JTR QUICK REFERENCE
    -------------------
    [KEYS]
    [passfile] - this is the name of your password file
    [wordlist] - this is the name of your wordlist
    [output] - this is the name of the file you will name when you want to
    save your decrypted passwords
    : - whenever you see a colon then use it in the command
    - - whenever you see a minus sign then use it in the command
    > - whenever you see this sign then use it in the command
    [] - DO NOT INCLUDE THESE IN THE COMMAND

    SINGLE MODE
    john -si [passfile]
    WORDFILE MODE
    john -w:[wordlist] [passfile]
    INCREMENTAL MODES
    john -i [passfile]
    john -i:ALL [passfile]
    john -i: DIGITS [passfile]
    john -i:ALPHA [passfile]
    SHOW MODES
    john -show [passfile]>[output]


    ------------------- SCREEN SHOT OF A JTR SESSION --------------------

    Loaded 254 passwords with 85 different salts (Standard DES [32/32 BS])
    italia (italiano)
    makoto (makotox)
    PADWICK (PADWICKH)
    kelley (kelleyaj)
    bechtel (jbechtel)
    mequery (queryme)
    seeeee (meeeee)
    stevewm (stevenm)
    guesses: 8 time: 0:00:01:23 100% c/s: 25771 trying: zcatcatk - zcatcatz
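Added example, not part of the thread or of the quoted tutorial: every login:password pair in the `-show` output quoted in post #2 is a small variation on its login name, and this Python parses that output and labels each derivation so the same test can serve as a password-policy check. The function names and rule labels are assumptions of this example, and it assumes the two-field `login:password` layout shown in the post.

```python
import re

# Constructed input: the `john -show` lines as quoted in post #2.
SHOW_OUTPUT = """\
italia:italiano
makoto:makotox
PADWICK:PADWICKH
kelley:kelleyaj
bechtel:jbechtel
mequery:queryme
seeeee:meeeee
stevewm:stevenm
8 passwords cracked, 246 left
"""

def edit_distance(a, b):
    """Levenshtein distance, computed with a rolling DP row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def weakness(login, password):
    """Return why a password is trivially derivable from its login, or None."""
    user, pw = login.lower(), password.lower()
    if user in pw:
        return "contains login"
    if len(user) == len(pw) and pw in user + user:
        return "rotation of login"
    if pw == user[::-1]:
        return "reversed login"
    if edit_distance(user, pw) <= 1:
        return "one edit from login"
    return None

def audit(show_output):
    """Parse login:password lines and the summary; return (findings, cracked, left)."""
    findings, cracked, left = {}, 0, 0
    for line in show_output.splitlines():
        m = re.fullmatch(r"(\d+) passwords? cracked, (\d+) left", line.strip())
        if m:
            cracked, left = int(m.group(1)), int(m.group(2))
        elif ":" in line:
            login, password = line.split(":", 2)[:2]
            findings[login] = weakness(login, password)
    return findings, cracked, left
```

Calling `weakness(login, candidate)` at password-change time rejects these derivations before they ever reach a hash file.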

  3. #3
    Just burned his ISO
    Join Date
    Jun 2007
    Posts
    13

    Default

    documentation for john if you're trying to run it on linux - "openwall.com/john/doc/" (there are instructions for obtaining your shadow file under the "examples" link if you're having trouble finding it).

  4. #4
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by heng5150 View Post
    I'm a noob to Linux and want to learn how to use John The Ripper. Please help
    Google is your friend!
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by heng5150 View Post
    I'm a noob to Linux and want to learn how to use John The Ripper. Please help
    If you're a noob to linux, shouldn't you learn linux first?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    Quote Originally Posted by streaker69 View Post
    If you're a noob to linux, shouldn't you learn linux first?
    Sounds like he'd rather learn JTR and just forget about Linux...
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  7. #7
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by streaker69 View Post
    If you're a noob to linux, shouldn't you learn linux first?
    He's just like a lot of misled folks who think Linux is a hack tool made by hackers. Totally untrue. Anyway, streaker's right, you're going to have a very hard time with john if you can't even operate Linux. There are some other distros out there with a program called winpass which is easy to use to recover forgotten or lost passwords in Windows. I will not link you to the distro as I think BT is the best and all others must balk in the might of the MIGHTY BACKTRACK. Second thought, you could try Brutus and stick with winblows

  8. #8
    Member Eristic's Avatar
    Join Date
    Aug 2006
    Posts
    188

    Default

    Quote Originally Posted by heng5150 View Post
    I'm a noob to Linux and want to learn how to use John The Ripper. Please help
    If you aren't going to learn Linux, might I recommend you burn LINNT for lost passwords. I say this because if you do not learn Linux, there is a 0% chance that you will crack any password remotely. And that is true 100% of the time.

  9. #9
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Eristic View Post
    If you aren't going to learn Linux, might I recommend you burn LINNT for lost passwords. I say this because if you do not learn Linux, there is a 0% chance that you will crack any password remotely. And that is true 100% of the time.
    63.7% of all statistics are made up, 85.2% of all people know that.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  10. #10
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by streaker69 View Post
    63.7% of all statistics are made up, 85.2% of all people know that.
