- 14 Mar 2022
- 201
- 68
hello TurkHackTeam family I will tell you about the "John The Ripper" tool and what we can do using this tool in this location, and I wish you good reading if you are ready.
WHAT?
-John The Ripper-
What is this "John The Ripper" ? As a result of my not very deep research, I found that a similar name
"john the ripper"i saw it belonged to a notorious killer named. To briefly mention this person,
serial killers (or murderers) who operated in the second half of 1888 in the London slum of Whitechapel.
then we can open and discuss long topics about this person
John has many password cracking methods in his body, the methods he often uses are "Dictionary Attack" and "Brute Force".Let's talk briefly about these attacks as well.
Dictionary Attack (Dictionary Attack): In short and general terms, it is a collection of previously used passwords or self-determined passwords to any file and try each data in this file during the hack.
Brute Force(Brute Force Attack): If a hacker who has reached the admin panel while hacking any website is trying to hack the site by trial and error, this attack is called Brute Force.It is often used to hack admin panels.
So what can we decrypt with John ?
SHA-1
SHA-512
SHA-256
DES
Raw MD5
MD5-Based, Web applications
Cisco Type5
PDF files
RAR ve ZIP files
Keberos/AFS
MD4-Based
Windows LM
utilization
- John The Ripper Kurulumu -
"Although Kali comes installed on Linux and Parrot, you just need to follow the steps below to install it on other systems. Its installation is quite fast and simple. After installing John The Ripper, you will need wordlist to brute force it. You can try brute force by downloading many word lists of various types, such as Rockyou or Secret list."
Debian and Ubuntu
apt-get install -y john
Windows
John the Ripper password cracker
Fedora
yum install john
MacOs
John the Ripper Pro (JtR Pro) password cracker for Mac OS X
- John The Ripper Kullanımı -
To view the parameters that we can use, we write the following code.
john -h
Now let's try to decode a hashi encrypted with SHA1.First of all, we save our hash in a text document.
john --format=raw-sha1 hash.txt
"--format" we specify the type of our hash with our code "--format", if you want, you know how to write it.
After the hash is corrupted, we can get the corrupted version of the hash using the “–show” command.
john -show hash.txt
Because our password is simple, he found it quickly, but it can take days or weeks to crack it with stronger passwords.
thanks for reading
translator
WeXia292292Subject Author
Mascar
