Knight Squad Blog

John the Ripper – An Essential Password Cracker

Posted on by Noman Prodhan

Hello Everyone

Welcome to another article about hacking tools. Today I will introduce you to John the Ripper, one of the oldest and essential password cracking tools. So let’s get started.

What is John the Ripper ?

John the Ripper (JTR) is an offline password cracking tool that was originally developed for UNIX-based systems but later on developed for other platforms as well and was first released in 1996. This tool is capable of brute-force using both the CPU and the video card and supports many algorithms. It can also crack passwords for compressed files, such as zip, and document files, such as PDFs.

Two versions of John the Ripper are available. One is free & open source and the other is Pro version.

JTR Modes

John The Ripper provides three attack modes and those are

  • Single Crack Mode
  • Wordlist Mode
  • Incremental Mode

John the Ripper also supports custom mode (External Mode). In this mode you can define your own attack mode.

Single Crack Mode

This mode builds a list or a small dictionary of all words found in GECOS fields by applying a complete set of mangling rules JTR supports.

Wordlist Mode

Wordlist mode compares the hash to a known list of potential password matches. In this mode you will need to provide a wordlist to compare.

Incremental Mode

This is the most powerful cracking mode, it can try all possible character combinations as passwords. But its so time consuming that for a password complex enough, it may never be able to complete in practical course of time. So use this mode carefully.

Installation

If you want to install John The Ripper manually than you can do that by downloading the program from OpenWall website. For me I like to install it from the official repository of Black Arch.

You can install the tool from Black Arch repository using the following command

sudo pacman -Sy john --noconfirm

If you are using Kali/Parrot Sec OS or your Debian distribution has Kali Linux repository, you can install the tool using the following command,

sudo apt install john -y

After installation you can verify the installation by running the following command

john

If you have successfully installed John the Ripper the output will something like below

I hope you have enjoyed the article. Stay with us for more article about cool hacking tools.

Leave a Reply

Your email address will not be published. Required fields are marked *