John the ripper – via install

Reading Time: < 1 minute

Last Updated: 8/22/2024

In this segment we are going to talk about using john for security. John is a password cracking and testing tool.

How to Install:

There are a few ways to use John. You could use Kali Linux; because john is built into it, or you can build and install John on your local system.

sudo apt-get install build-essential
sudo apt-get install libssl-dev

(optional) sudo apt-get -y install yasm libgmp-dev libpcap-dev pkg-config libbz2-dev
(optional) sudo apt -y install zlib1g-dev

If you haven’t installed git; please do so now.

apt-get install git -y

Now we can pull down the project, unpack it, and then configure and compile it.

mkdir /root/src
cd ~/src
git clone git://github.com/magnumripper/JohnTheRipper -b bleeding-jumbo john
cd ~/src/john/src
./configure && make -s clean && make -sj4

Choosing a wordlist:

https://www.openwall.com/wordlists/.

Cracking Zipfiles:

We can use John to crack Zip files by going through a 2 step proces. We use the utility zip2john to extract the hash file from the zipfile. Once we have that then it’s just a matter of running john against your wordlists in order to see if you have any matches.

References:
http://openwall.info/wiki/john/tutorials/Ubuntu-build-howto
(also https://linuxreference.wordpress.com/2019/06/07/howto-install-john-the-ripper-in-ubuntu-18-04/)
(also http://insidetrust.blogspot.com/2011/01/password-cracking-using-john-ripper-jtr.html )
(additionally: http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats)
https://www.stationx.net/how-to-use-john-the-ripper/

This entry was posted in Security. Bookmark the permalink.