THM John The Ripper - grunt92/IT-Sec-WriteUps GitHub Wiki

John who?

Read and understand the basic concepts of hashing and hash cracking

No answer needed

Setting up John the Ripper

What is the most popular extended version of John the Ripper?

Jumbo John

Wordlists

What website was the rockyou.txt wordlist created from a breach on?

rockyou.com

Cracking Basic Hashes

What type of hash is hash1.txt?

MD5

What is the cracked value of hash1.txt?

Run john --format=Raw-MD5 hash1.txt --wordlist=/Path/to/wordlist.txt and you get the password:

biscuit

What type of hash is hash2.txt?

sha1

What is the cracked value of hash2.txt?

Run john --format=Raw-SHA1 hash2.txt --wordlist=/Path/to/wordlist.txt and you get the password:

kangeroo

What type of hash is hash3.txt?

sha256

What is the cracked value of hash3.txt?

Run john --format=Raw-SHA256 hash3.txt --wordlist=/Path/to/wordlist.txt and you get the password:

microphone

What type of hash is hash4.txt?

whirlpool

What is the cracked value of hash4.txt?

Run john --format=whirlpool hash4.txt --wordlist=/Path/to/wordlist.txt and you get the password:

colossal

Cracking Windows Authentication Hashes

What do we need to set the "format" flag to, in order to crack this?

NT

What is the cracked value of this password?

Run john --format=NT ntlm.txt --wordlist=/Path/to/wordlist.txt and you get the password:

mushroom

Cracking /etc/shadow Hashes

What is the root password?

Copy root:x:0:0::/root:/bin/bash into a "passwd"-file and root:$6$Ha.d5nGupBm29pYr$yugXSk24ZljLTAZZagtGwpSQhb3F2DOJtnHrvk7HI2ma4GsuioHp8sm3LJiRJpKfIf7lZQ29qgtH17Q/JDpYM/:18576:::::: into a "shadow"-file.
Run unshadow passwd shadow > hash to create an unshadowed hash file. Then run john hash --wordlist=/Path/to/wordlist.txt to get the password.

1234
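
What the unshadow step above produces, as an added Python example that is not part of the original write-up and not John's own code: a simplified model of the merge, plus a decoder for the $id$salt$digest layout of the resulting hash field. The function names and the scheme table are assumptions of this example; the two input lines are the ones given in the step.

```python
# Added example, not John's code: a simplified model of the unshadow merge.
# Schemes that share the $id$[rounds=N$]salt$digest layout.
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt"}

def unshadow(passwd_text, shadow_text):
    """Return passwd lines with the 'x' placeholder replaced by the shadow hash."""
    hashes = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) != 7:  # skip malformed passwd lines
            continue
        # Users without a shadow entry keep their original second field.
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged

def describe(merged_line):
    """Decode the hash field of one merged line into scheme, rounds and salt."""
    user, field = merged_line.split(":")[:2]
    parts = field.split("$")
    if len(parts) < 4 or parts[0] != "" or parts[1] not in SCHEMES:
        return {"user": user, "scheme": "other-or-locked", "rounds": None, "salt": None}
    rounds = None  # None means the scheme's default cost is in use
    rest = parts[2:]
    if rest[0].startswith("rounds="):  # optional cost field used by $5$ and $6$
        rounds = int(rest[0][len("rounds="):])
        rest = rest[1:]
    return {"user": user, "scheme": SCHEMES[parts[1]], "rounds": rounds, "salt": rest[0]}

# The two lines from the step above.
PASSWD = "root:x:0:0::/root:/bin/bash"
SHADOW = "root:$6$Ha.d5nGupBm29pYr$yugXSk24ZljLTAZZagtGwpSQhb3F2DOJtnHrvk7HI2ma4GsuioHp8sm3LJiRJpKfIf7lZQ29qgtH17Q/JDpYM/:18576::::::"

if __name__ == "__main__":
    for line in unshadow(PASSWD, SHADOW):
        print(line)
        print(describe(line))
```

The $6$ prefix marks the entry as sha512crypt with a 16-character salt, which is why the john command in this step needs no --format flag.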

Single Crack Mode

What is Joker's password?

Download the file and change the content by inserting "joker:" in front of the hash. Then run john --single --format=RAW-MD5 hash7.txt to get the answer.

Jok3r

Custom Rules

What do custom rules allow us to exploit?

Password complexity predictability

What rule would we use to add all capital letters to the end of the word?

Az"[A-Z]"

What flag would we use to call a custom rule called "THMRules"?

--rule=THMRules

Cracking Password Protected Zip Files

What is the password for the secure.zip file?

Use zip2john secure.zip > secure.txt to create a txt-file and then use john --wordlist=/Path/to/wordlist.txt secure.txt to get the password.

pass123

What is the contents of the flag inside the zip file?

Unzip the zip-file and open the txt-file to get the flag.

THM{w3ll_d0n3_h4sh_r0y4l}

Cracking Password Protected RAR Archives

What is the password for the secure.rar file?

Use rar2john secure.rar > secure.txt to create a txt-file and then use john --wordlist=/Path/to/wordlist.txt secure.txt to get the password.

password

What is the contents of the flag inside the zip file?

Extract the rar-file using the password and open the file it contains to get the flag.

THM{r4r_4rch1ve5_th15_t1m3}

Cracking SSH Keys with John

What is the SSH private key password?

Use ssh2john idrsa.id_rsa > id.txt to create a txt-file and then use john --wordlist=/Path/to/wordlist.txt id.txt to get the password.

mango

Further Reading

Read the above.

No answer needed
