DAY - 09

What is John The Ripper ?

John the Ripper is a free password cracking software tool. Originally developed for the Unix operating system, it can run on fifteen different platforms. It is among the most frequently used password testing and breaking programs as it combines a number of password crackers into one package, automatically detects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix versions, Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others.

STEP 1 : Use man command to see the manual of John The Ripper tool.

STEP 2 : Create a zip file and give the password.

STEP 3 : John the Ripper requires the password hash to be in a specific format. To convert the ZIP file’s password hash into the appropriate format, use the zip2john utility that comes with John the Ripper. Open a terminal and navigate to the directory containing the ZIP file.

Run the following command: zip2john your_file.zip > zip.hash.

This command extracts the password hash from the ZIP file and saves it in a file named zip.hash.

STEP 4 : The password given for the zip file is cracked and is made visible to the user.