Table of Contents
Description
Johnny is the cross-platform Open Source GUI frontend for the popular password cracker John the Ripper. It was originally proposed and designed by Shinnok in draft, version 1.0 implementation was achieved by Aleksey Cherepanov as part of GSoC 2012 and Mathieu Laprise took Johnny further towards 2.0 and beyond as part of GSoC 2015.
Johnny’s aim is to automate and simplify the password cracking routine with the help of the tremendously versatile and robust John the Ripper, as well as add extra functionality on top of it, specific to Desktop and GUI paradigms, like improved hash and password workflow, multiple attacks and session management, easily define complex attack rules, visual feedback and statistics, all of it on top of the immense capabilities and features offered by both JtR core/proper as well as jumbo.
Screenshots
Features
-
Cross platform, builds and runs on all major desktop platforms
-
Based on the most powerful and robust password cracking software, supports both John core/proper and jumbo flavors
-
Exposes most useful JtR attack modes and options in a usable, yet powerful interface
-
Simplifies password/hash management and attack results via complex filtering and selection
-
Easily define new attacks and practical multiple attack session management
-
Manually guess passwords via the Guess function
-
Export Passwords table to CSV and colon password file format
-
Import many types of encrypted or password protected files via the 2john functionality
-
Fully translatable (English and French language for now)
See CHANGELOG for a complete listing of features.
Binary redistributables
The current version is 2.2.
Binaries 2.2 (CURRENT)
Binaries 2.1 (OLD)
Binaries 2.0 (OLD)
Binaries 1.1 (OLD)
Johnny does not have shortcuts for system menu yet. So type ‘johnny’ in your terminal to start Johnny.
Deb packages (suitable for Debian, Linux Mint, Ubuntu and so on):
Rpm packages (suitable for Fedora, Mageia, OpenSUSE):
Generic tarball (manual installation or no installation):
Sources
Official version 2.2 source:
Development source (might not be stable — not recommended):
Current state
Johnny is in development. Development was started as part of Summer of Security 2011 by Aleksey Cherepanov while Shinnok became a mentor for Aleksey. Development was continued by Aleksey Cherepanov as a part of Google Summer of Code 2012 with invaluable help of Frank Dittrich as mentor. It has been developed further more in Google Summer of Code 2015 by Mathieu Laprise and Shinnok.
We welcome any new contributor on Github as well as any feedback on john-dev or john-users mail lists.
Johnny is currently planned using the roadmap available at:
http://openwall.info/wiki/john/johnny-roadmap
Overview ======== Johnny the open source cross-platform GUI frontend for John the Ripper, the popular password cracker, written in C++ using the Qt framework. Johnny's aim is to automate and simplify the password cracking routine on the Desktop as well as add extra functionality like session management and easy hash/password management, on top of the immense capabilities and features offered by John the Ripper. The application uses John The Ripper for the actual work, thus it needs to be installed on your system. Official core (proper) version and the community-enhanced version (jumbo) are both supported. The latter exposes more functionality like extra cracking modes and hash types support. To download official binary redistributables and find more about Johnny visit: http://openwall.info/wiki/john/johnny Johnny is released under the BSD 2-clause license. For detailed licensing info see COPYING dist-file. For version history see CHANGELOG. For building and install instructions see INSTALL.
- Home
- Tools
-
Johnny GUI (for John the Ripper)
/
/
Free
March 18, 2025
Johnny GUI is a graphical user interface (GUI) built for John the Ripper, a popular open-source password cracking tool. John the Ripper is known for its effectiveness in detecting weak passwords and recovering lost passwords. However, many users find the command-line interface challenging to use, especially if they aren’t familiar with terminal-based applications. Johnny GUI solves this problem by offering a streamlined, user-friendly interface that simplifies the password-cracking process, making it accessible for users of all experience levels.
Key Features
-
User-friendly Interface: Johnny GUI provides a clean and easy-to-navigate interface for John the Ripper, making it ideal for beginners or anyone uncomfortable with command-line tools.
-
Integrated Wordlist Management: Johnny simplifies the use of wordlists, which are essential for password cracking, by allowing users to easily add, manage, and test them within the interface.
-
Real-time Monitoring: As Johnny runs John the Ripper, it offers real-time feedback on the cracking progress, making it easier to monitor success or adjust strategies.
-
Multi-Format Support: Johnny GUI supports various password hash formats, just like John the Ripper. This makes it versatile in tackling password-cracking tasks across different systems.
-
Customizable Settings: Users can easily modify cracking options such as brute force or dictionary-based attacks, all through the GUI, eliminating the need to enter complex commands.
What Does It Do?
Johnny GUI simplifies the process of using John the Ripper by providing a graphical interface to perform complex password recovery tasks. Whether you’re cracking passwords for ethical hacking or recovering forgotten credentials, Johnny GUI allows you to utilize the full power of John the Ripper without needing extensive knowledge of the command line. It allows you to import hash files, choose wordlists, and select cracking modes (brute force, dictionary attacks, etc.) with a few clicks. Moreover, it offers continuous feedback, showing cracked passwords and the progress of each attack in real time.
What is Unique About Johnny GUI?
What sets Johnny GUI apart is its ability to bridge the gap between one of the most powerful password-cracking tools and users who might not have the technical expertise to operate command-line tools. Most password-cracking programs are either very technical or overly simplified, but Johnny offers the best of both worlds. By integrating directly with John the Ripper, Johnny GUI leverages its robust password-cracking capabilities while making them accessible through a simple, intuitive interface. The real-time monitoring and customization options also make it highly efficient for professional penetration testers who need to manage large-scale password cracking projects.
Who Should Use Johnny GUI?
Johnny GUI is perfect for a wide range of users:
-
Cybersecurity Professionals: Experts who are familiar with John the Ripper can benefit from Johnny’s streamlined interface to run multiple cracking tasks simultaneously.
-
Penetration Testers: Those performing security audits will find Johnny useful for identifying weak passwords in a straightforward manner.
-
IT Administrators: Admins tasked with recovering lost or forgotten passwords can use Johnny to easily access John the Ripper’s powerful recovery options without learning complex commands.
-
Ethical Hackers: Ethical hackers looking for an accessible yet powerful tool for password cracking can maximize efficiency with Johnny’s clear interface and advanced capabilities.
-
Security Enthusiasts and Beginners: Anyone interested in learning about password cracking or improving their security knowledge will appreciate how Johnny removes much of the complexity involved in using John the Ripper.
Supported Platforms to Deploy Johnny GUI
Johnny GUI is supported on multiple platforms, ensuring compatibility with various operating systems:
-
Windows: Ideal for users who prefer graphical tools on a Windows environment.
-
Linux: Seamlessly integrates into Linux-based systems, a common choice for security professionals.
-
macOS: Supports macOS, making it a great option for Apple users engaged in password cracking or ethical hacking.
The GUI is built to work in tandem with John the Ripper, which supports a broad range of hash types across platforms, making it highly versatile.
Pricing
Johnny GUI is available under the Freemium pricing model. While the tool itself is free to download and use, advanced features tied to John the Ripper’s full capabilities may require further custom configurations that are typically handled by experienced users. The open-source nature of both Johnny and John the Ripper ensures that users can modify the software according to their needs.
For more information, you can visit the official GitHub repository.
Short Summary
Johnny GUI is a powerful and user-friendly graphical interface for John the Ripper, one of the most effective password-cracking tools available. It brings the power of John the Ripper into a more accessible format, allowing both beginners and experts to perform password recovery and security audits with ease. With its real-time monitoring, multi-format support, and easy-to-use interface, Johnny is ideal for anyone looking to leverage the capabilities of John the Ripper without the steep learning curve of command-line interfaces.
GUI Version of John the Ripper Named «Johnny» Released
On 3/29/2012 03:44:00 am
GUI Version of John the Ripper Named «Johnny» Released
Earlier we have talked few times about John the Ripper, it is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. Those who are not familiar with command line then also they can use GUI edition of John the Ripper or «Johnny». Johnny is a GUI concept to John the Ripper written in C++ using the Qt framework, making it cross-platform on both Unix/Linux and Windows operating systems. It was programmed as a part of the Google Summer of Code 2012 and supports bother 32-bit and 64-bit architectures. Though this project is not complete yet, the main reason behind me writing is that you should know about this promising project. For more information you can visit the open-wall community.
To Download Johnny (GUI of John the Ripper ) Click Here
SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ’s in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
John the Ripper is a powerful and popular open-source
password cracking tool. It’s known for its versatility and capability to crack
various types of password hashes through different attack methods. On the other
hand, Johnny is a user-friendly graphical interface (GUI) that makes John the
Ripper more accessible to non-technical users, simplifying the process of
password cracking.
Table of Contents
- John the Ripper
- Features and capabilities of John the Ripper
- Supported Platforms and Environments
- Johnny, a GUI for John the Ripper
- Advantages of Using Johnny over the Command-line Version
- Installation and Setup
- Components and Functionalities
- Console log:
- Start, Resume, and Pause Attack Buttons:
- Progress Bar:
- Explain with Examples:
- Example 1: How to Crack Any Type of Hash?
- Example 2: How to Crack a Password-Protected Encrypted File like ‘.zip’, ‘.rar’?
- Example 3: How to Crack a Password-Protected PDF File?
- Example 4: How to Crack a Linux Password?
- Example 5: How to Crack Windows Password?
- Conclusion
Hello, everyone! Today, we’ll demonstrate practical password-cracking examples using John the Ripper and Johnny. We’ll focus on legitimate
use cases, like testing the security of your own passwords or recovering lost
credentials. Remember, always use this knowledge responsibly and ethically,
avoiding unauthorized or malicious activities. Let’s get started!
John the Ripper
Let’s Start with John the Ripper:
John the Ripper is a widely used, open-source password-cracking tool that primarily focuses on cracking password hashes. It supports a variety of hash types and employs several attack modes to attempt to break passwords. It is initially developed for Unix systems, but it has since expanded to work on multiple platforms and hash types.
Features and capabilities of
John the Ripper
Let’s explore the remarkable features and capabilities of
John the Ripper!
- John the Ripper can handle
various password hash formats,
making it compatible with different systems and databases. - It offers
multiple attack modes, including brute-force,
dictionary, and hybrid attacks, providing versatile options for cracking
passwords. - John the Ripper is
optimized for speed, utilizing multiple
CPU cores and GPUs
to accelerate the password-cracking process. - Users can easily use their
own wordlists and apply custom
rules
to generate password variations efficiently. - Being an open-source tool, John the Ripper benefits from
continuous support and contributions
from the vibrant cybersecurity community.
Supported Platforms and Environments
If we talk about, Supported Platforms and Environments, John
the Ripper is compatible with various operating systems, including Windows,
macOS, Linux, and other Unix-like systems.
It also works on different
architectures, making it highly versatile and widely accessible.
There is no need to
install it, as John the Ripper comes
pre-installed with Kali Linux. Open a terminal and use the Help flag to take a look at its Basic Usage and
Command Syntax:
┌──(kali㉿kali)-[~]
└─$ john —help
John the Ripper 1.9.0-jumbo-1+bleeding-aec1328d6c 2021-11-02 10:45:52 +0100 OMP [linux-gnu 64-bit x86_64 SSE2 AC]
Copyright (c) 1996-2021 by Solar Designer and others
Homepage: https://www.openwall.com/john/
Usage: john [OPTIONS] [PASSWORD-FILES]
—help Print usage summary
—single[=SECTION[,..]] «Single crack» mode, using default or named rules
—single=:rule[,..] Same, using «immediate» rule(s)
—single-seed=WORD[,WORD] Add static seed word(s) for all salts in single mode
—single-wordlist=FILE *Short* wordlist with static seed words/morphemes
—single-user-seed=FILE Wordlist with seeds per username (user:password[s]
format)
—single-pair-max=N Override max. number of word pairs generated (6)
—no-single-pair Disable single word pair generation
—[no-]single-retest-guess Override config for SingleRetestGuess
—wordlist[=FILE] —stdin Wordlist mode, read words from FILE or stdin
—pipe like —stdin, but bulk reads, and allows rules
—rules[=SECTION[,..]] Enable word mangling rules (for wordlist or PRINCE
modes), using default or named rules
—rules=:rule[;..]] Same, using «immediate» rule(s)
—rules-stack=SECTION[,..] Stacked rules, applied after regular rules or to
modes that otherwise don’t support rules
—rules-stack=:rule[;..] Same, using «immediate» rule(s)
—rules-skip-nop Skip any NOP «:» rules (you already ran w/o rules)
—loopback[=FILE] Like —wordlist, but extract words from a .pot file
—mem-file-size=SIZE Size threshold for wordlist preload (default 2048 MB)
—dupe-suppression Suppress all dupes in wordlist (and force preload)
—incremental[=MODE] «Incremental» mode [using section MODE]
—incremental-charcount=N Override CharCount for incremental mode
—external=MODE External mode or word filter
—mask[=MASK] Mask mode using MASK (or default from john.conf)
—markov[=OPTIONS] «Markov» mode (see doc/MARKOV)
—mkv-stats=FILE «Markov» stats file
—prince[=FILE] PRINCE mode, read words from FILE
—prince-loopback[=FILE] Fetch words from a .pot file
—prince-elem-cnt-min=N Minimum number of elements per chain (1)
—prince-elem-cnt-max=[-]N Maximum number of elements per chain (negative N is
relative to word length) (8)
—prince-skip=N Initial skip
—prince-limit=N Limit number of candidates generated
—prince-wl-dist-len Calculate length distribution from wordlist
—prince-wl-max=N Load only N words from input wordlist
—prince-case-permute Permute case of first letter
—prince-mmap Memory-map infile (not available with case permute)
—prince-keyspace Just show total keyspace that would be produced
(disregarding skip and limit)
—subsets[=CHARSET] «Subsets» mode (see doc/SUBSETS)
—subsets-required=N The N first characters of «subsets» charset are
the «required set»
—subsets-min-diff=N Minimum unique characters in subset
—subsets-max-diff=[-]N Maximum unique characters in subset (negative N is
relative to word length)
—subsets-prefer-short Prefer shorter candidates over smaller subsets
—subsets-prefer-small Prefer smaller subsets over shorter candidates
—make-charset=FILE Make a charset, FILE will be overwritten
—stdout[=LENGTH] Just output candidate passwords [cut at LENGTH]
—session=NAME Give a new session the NAME
—status[=NAME] Print status of a session [called NAME]
—restore[=NAME] Restore an interrupted session [called NAME]
—[no-]crack-status Emit a status line whenever a password is cracked
—progress-every=N Emit a status line every N seconds
—show[=left] Show cracked passwords [if =left, then uncracked]
—show=formats Show information about hashes in a file (JSON)
—show=invalid Show lines that are not valid for selected format(s)
—test[=TIME] Run tests and benchmarks for TIME seconds each
(if TIME is explicitly 0, test w/o benchmark)
—stress-test[=TIME] Loop self tests forever
—test-full=LEVEL Run more thorough self-tests
—no-mask Used with —test for alternate benchmark w/o mask
—skip-self-tests Skip self tests
—users=[-]LOGIN|UID[,..] [Do not] load this (these) user(s) only
—groups=[-]GID[,..] Load users [not] of this (these) group(s) only
—shells=[-]SHELL[,..] Load users with[out] this (these) shell(s) only
—salts=[-]COUNT[:MAX] Load salts with[out] COUNT [to MAX] hashes, or
—salts=#M[-N] Load M [to N] most populated salts
—costs=[-]C[:M][,…] Load salts with[out] cost value Cn [to Mn]. For
tunable cost parameters, see doc/OPTIONS
—fork=N Fork N processes
—node=MIN[-MAX]/TOTAL This node’s number range out of TOTAL count
—save-memory=LEVEL Enable memory saving, at LEVEL 1..3
—log-stderr Log to screen instead of file
—verbosity=N Change verbosity (1-5 or 6 for debug, default 3)
—no-log Disables creation and writing to john.log file
—bare-always-valid=Y Treat bare hashes as valid (Y/N)
—catch-up=NAME Catch up with existing (paused) session NAME
—config=FILE Use FILE instead of john.conf or john.ini
—encoding=NAME Input encoding (eg. UTF-8, ISO-8859-1). See also
doc/ENCODINGS.
—input-encoding=NAME Input encoding (alias for —encoding)
—internal-codepage=NAME Codepage used in rules/masks (see doc/ENCODINGS)
—target-encoding=NAME Output encoding (used by format)
—force-tty Set up terminal for reading keystrokes even if we’re
not the foreground process
—field-separator-char=C Use ‘C’ instead of the ‘:’ in input and pot files
—[no-]keep-guessing Try finding plaintext collisions
—list=WHAT List capabilities, see —list=help or doc/OPTIONS
—length=N Shortcut for —min-len=N —max-len=N
—min-length=N Request a minimum candidate length in bytes
—max-length=N Request a maximum candidate length in bytes
—max-candidates=[-]N Gracefully exit after this many candidates tried.
(if negative, reset count on each crack)
—max-run-time=[-]N Gracefully exit after this many seconds (if negative,
reset timer on each crack)
—mkpc=N Request a lower max. keys per crypt
—no-loader-dupecheck Disable the dupe checking when loading hashes
—pot=NAME Pot file to use
—regen-lost-salts=N Brute force unknown salts (see doc/OPTIONS)
—reject-printable Reject printable binaries
—tune=HOW Tuning options (auto/report/N)
—subformat=FORMAT Pick a benchmark format for —format=crypt
—format=[NAME|CLASS][,..] Force hash of type NAME. The supported formats can
be seen with —list=formats and —list=subformats.
See also doc/OPTIONS for more advanced selection of
format(s), including using classes and wildcards.
┌──(kali㉿kali)-[~]
└─$
Using John the Ripper is straightforward. Just type john
followed by options and the password file,
john
<options> <password-hash-file>
And you’re good to go!
Johnny, a GUI for John the Ripper
John the Ripper
is a widely used, open-source password-cracking tool that primarily focuses on cracking password hashes. It supports a variety of hash types and employs several attack modes to attempt to break passwords. It was initially developed for Unix systems, but it has since expanded to work on multiple platforms and hash types.
Advantages of Using Johnny over the Command-line Version
Let’s talk about the Advantages of Using Johnny over the Command-line Version:
- Johnny offers a
visually appealing and straightforward user
interface, reducing the learning curve for newcomers. - The GUI streamlines the
configuration process, allowing
users to adjust settings without dealing with complex command-line options. - Johnny provides
real-time progress updates
during the
cracking process, making it easier to monitor and manage ongoing tasks. - Johnny features a
wizard mode
that guides users through the
necessary steps to start password cracking without requiring in-depth technical
knowledge. - The GUI may offer
clearer error messages and easier
troubleshooting, enhancing the overall user experience.
Installation and Setup
Let’s talk about it’s Installation and Setup:
Johnny does not come pre-installed with Kali Linux. So we
have to install it manually. Use the following command, to download
and install the package:
┌──(kali㉿kali)-[~]
└─$ sudo apt install johnny
[sudo] password for kali:
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
The following packages were automatically installed and are no longer required:
figlet finger firebird3.0-common firebird3.0-common-doc libavutil57 libbson-1.0-0 libcodec2-1.0 libfbclient2 libhashkit2
libmemcached11 libmongoc-1.0-0 libmongocrypt0 libplacebo208 libpostproc56 libswscale6 libwinpr2-2 medusa numba-doc
python-odf-doc python-odf-tools python-tables-data python3-aioredis python3-apscheduler python3-bottleneck python3-git
python3-gitdb python3-llvmlite python3-numba python3-numexpr python3-odf python3-pandas python3-pandas-lib python3-pyexploitdb
python3-pyfiglet python3-pyshodan python3-quamash python3-smmap python3-tables python3-tables-lib python3-tld python3-yaswfp
rwho rwhod sparta-scripts toilet-fonts wapiti
Use ‘sudo apt autoremove’ to remove them.
The following NEW packages will be installed:
johnny
0 upgraded, 1 newly installed, 0 to remove and 852 not upgraded.
Need to get 541 kB of archives.
After this operation, 923 kB of additional disk space will be used.
Get:1 http://http.kali.org/kali kali-rolling/main amd64 johnny amd64 2.2+git20160807-0kali2 [541 kB]
Fetched 541 kB in 18s (30.9 kB/s)
Selecting previously unselected package johnny.
(Reading database … 400753 files and directories currently installed.)
Preparing to unpack …/johnny_2.2+git20160807-0kali2_amd64.deb …
Unpacking johnny (2.2+git20160807-0kali2) …
Setting up johnny (2.2+git20160807-0kali2) …
Processing triggers for kali-menu (2023.2.3) …
┌──(kali㉿kali)-[~]
└─$
With Johnny successfully installed, you can launch it
effortlessly. Simply locate Johnny in your application menu and click on it.
.png)
As
you do, the intuitive GUI interface of Johnny will open up, ready for use.
.png)
Components and Functionalities
Now,
let’s delve into its various components and functionalities. The user interface of Johnny typically consists of the
following components:
Open Password File:
This section is used to load password files.
There are two
segments: one for hash files, and the other for password-protected files like
ZIP, PDF, and rar files.
Once loaded, they will be displayed in the highlighted
area.
Option Tab:
Under the Options Tab, you’ll find two sections: Session
Detail, and Attack Mode.
.png)
Let’s explore them further.
Session Detail:
Here, you can provide the current password hash format in
the input box. It defaults to a standard format, but you can adjust it if
needed.
Attack Mode:
You can select the attack type from options like single
crack, wordlist, incremental, external, mask, Markov, and Prince.
.png)
Among them the Wordlist tab is particularly important; it
lets you input your custom wordlist.
.png)
Console log:
This area displays logs for each attack
attempt, providing insights into the cracking process.
.png)
Start, Resume, and Pause Attack Buttons:
These buttons
initiate, resume, or pause the password-cracking process, giving you control
over the operation.
.png)
Progress Bar:
The progress bar offers a visual
representation of the cracking progress, making it easy to track.
.png)
Explain with Examples:
Let’s explain John the Ripper and Johnny using some
Examples:
Example 1: How to Crack Any Type of Hash?
.png)
To initiate the process of cracking any hash, we must first
obtain it. Hashes can adopt various formats, such as
MD5,
SHA, and others.
Let’s generate a hash using a hash generator and store it in a text file. To generate a hash, we can utilize online hash generator
tools.
For this illustration, let’s generate an
MD5 hash.
.png)
In the
input field, input your desired string and after clicking the «
Generate
»
button, you’ll be presented with a range of hash formats.
.png)
Focus on copying the
MD5 hash and, save the MD5 hash to a text editor and designate the
file as «
hashmd.txt
.»
.png)
With the hash file prepared, we are ready to
proceed with the cracking process. To crack the password using John the Ripper, execute the following format:
john —format=
<specify-hash-format>
<specify-hash-file>
Now, run the command on the terminal:
┌──(kali㉿kali)-[~]
└─$ sudo john —format=Raw-MD5 hashmd.txt
John the Ripper will try to crack the hash and reveal the
password if successful.
[sudo] password for kali:
Using default input encoding: UTF-8
Loaded 1 password hash (Raw-MD5 [MD5 128/128 SSE2 4×3])
Warning: no OpenMP support for this hash type, consider —fork=2
Proceeding with single, rules:Single
Press ‘q’ or Ctrl-C to abort, almost any other key for status
Almost done: Processing the remaining buffered candidate passwords, if any.
Proceeding with wordlist:/usr/share/john/password.lst
Proceeding with incremental:ASCII
0g 0:00:00:56 3/3 0g/s 15409Kp/s 15409Kc/s 15409KC/s 5srvf8..5sssmf
Session aborted
┌──(kali㉿kali)-[~]
└─$
If somehow, it can’t crack the hash, you can use a wordlist.
To use a wordlist, Create or obtain a wordlist containing
potential passwords. You can take help from tools like
CUPP
and
CRUNCH
.
Read
this article to learn more about, how you can generate a wordlist:
How to Generate a Wordlist for Password Cracking
This guide provides step-by-step instructions on how to generate wordlists for password cracking. Wordlists are essential tools for security professionals and ethical hackers to test and strengthen password security.
The hash I’ve generated isn’t present within the
pre-installed wordlists on
Kali Linux
. Hence, the need arises to generate our
custom wordlist using
CUPP
.
Upon completion of
Cupp Interactive
, you’ll be furnished with a
well-suited wordlist.
.png)
With the wordlist prepared, we can now proceed to apply
it with
John the Ripper
. Run, john with the following format:
john —format=
<specify-hash-format>
<specify-hash-file>
—wordlist=
<specify-wordlist>
Run it on the terminal:
┌──(kali㉿kali)-[~]
└─$ sudo john —format=Raw-MD5 hashmd.txt —wordlist=techno.txt
Using default input encoding: UTF-8
Loaded 1 password hash (Raw-MD5 [MD5 128/128 SSE2 4×3])
Warning: no OpenMP support for this hash type, consider —fork=2
Press ‘q’ or Ctrl-C to abort, almost any other key for status
TechnoScience@123 (?)
1g 0:00:00:00 DONE (2023-08-16 12:26) 25.00g/s 365200p/s 365200c/s 365200C/s tstechno@*$..TechnoScience@123
Use the «—show —format=Raw-MD5» options to display all of the cracked passwords reliably
Session completed.
┌──(kali㉿kali)-[~]
└─$
This approach might crack the hash.
Using Johnny
To crack the hash using a graphical Interface, Launch
Johnny
and load the password file by clicking on «
Open password file(PASSWD format)
«.
.png)
Configure the hash format and set the path to your
wordlist in the options.
.png)
Then, start the attack by clicking, «
Start new Attack
.»
.png)
Johnny
will attempt to crack the password using the wordlist.
.png)
Example 2: How to Crack a Password-Protected
Encrypted File like ‘.zip’, ‘.rar’?
.png)
In this scenario, I have two encrypted files which are in the form of «.zip» and «.rar» format respectively.
As you can see, while I try to
extract the file, it prompts me to enter a password.
To crack a password-protected encrypted file, we need to
obtain the hash associated with it. It is quite simple.
I will only demonstrate it for ZIP
files, you can apply a similar approach to RAR files. Firstly, run the following command on the terminal:
┌──(kali㉿kali)-[~]
└─$ zip2john test.zip > test.txt
This command will generate a text file containing the
password hash.
Now, that we have the hash file, follow the similar process from
Example 1, to crack the password.
┌──(kali㉿kali)-[~]
└─$ sudo john test.txt —wordlist=/usr/share/wordlists/rockyou.txt
Using default input encoding: UTF-8
Loaded 4 password hashes with 4 different salts (ZIP, WinZip [PBKDF2-SHA1 128/128 SSE2 4x])
Loaded hashes with cost 1 (HMAC size) varying from 1686733 to 2030673
Will run 2 OpenMP threads
Press ‘q’ or Ctrl-C to abort, almost any other key for status
password123 (test.zip/326094_Overview of Cyber Security _xl-1024-v1-0.png)
password123 (test.zip/326095_Overview of Cyber Security _xl-1024-v1-0.png)
password123 (test.zip/326096_Overview of Cyber Security _xl-1024-v1-0.png)
password123 (test.zip/326093_Overview of Cyber Security _xl-1024-v1-0.png)
4g 0:00:00:01 DONE (2023-08-16 12:41) 2.666g/s 1365p/s 5461c/s 5461C/s sploit..queen
Use the «—show» option to display all of the cracked passwords reliably
Session completed.
┌──(kali㉿kali)-[~]
└─$
Once the password is cracked, we can extract the encrypted
file effortlessly.
Example 3: How to Crack a Password-Protected PDF
File?
.png)
Cracking a password-protected PDF file follows a process
similar to encrypted files. Let’s take a look at how to do it.
Here, I have a password-protected PDF file, requiring a password to access its content.
To crack the password of the protected PDF, we first need to
obtain its hash. Use the following command:
┌──(kali㉿kali)-[~]
└─$ pdf2john test.pdf > test.txt
┌──(kali㉿kali)-[~]
└─$
ls
test.pdf
test.txt
Now, that we have the hash file, follow the similar process from
Example 1, to crack the password.
┌──(kali㉿kali)-[~]
└─$ sudo john test.txt —wordlist=/usr/share/wordlists/rockyou.txt
[sudo] password for kali:
Using default input encoding: UTF-8
Loaded 1 password hash (PDF [MD5 SHA2 RC4/AES 32/64])
Cost 1 (revision) is 4 for all loaded hashes
Will run 2 OpenMP threads
Press ‘q’ or Ctrl-C to abort, almost any other key for status
Password123 (test.pdf)
1g 0:00:00:01 DONE (2023-08-16 12:47) 0.8196g/s 27488p/s 27488c/s 27488C/s babyjoy..Fernando
Use the «—show —format=PDF» options to display all of the cracked passwords reliably
Session completed.
┌──(kali㉿kali)-[~]
└─$
Once the password is cracked, we can view
its content effortlessly.
Example 4: How to Crack a Linux Password?
.png)
In this example, we’ll explore how to crack Linux passwords:
.png)
The process involves obtaining the «/shadow» and «/passwd» files from the «/etc» directory. For demonstration purposes, I’ve set up three new users on my Ubuntu
system to see if John the Ripper can crack their passwords.
.png)
To begin, boot your system using a Kali Linux USB drive. If
you’re unsure about creating a portable USB drive, you can refer to our video
guide for assistance.
Steps to create a Bootable Kali Live USB Persistence
Kali Linux is a distribution of Linux that is specifically designed for penetration testing, digital forensics, and other security-related tasks. A «Live» version of Kali allows the user to boot the operating system from a USB drive, rather than installing it on a computer’s hard drive.
Once the system is booted, we need to retrieve the shadow
and passwd files from the Ubuntu Hard disk using the
unshadow
command-line tool.
.png)
Open Ubuntu Linux hard disk, and navigate
to the «/etc» directory:
.png)
Open a terminal from here, and execute the following command:
sudo unshadow then mention, passwd, and shadow file, and here, specify the destination location as
/Desktop
.
┌──(kali㉿kali)-[/media/kali/48980cfe-953e-4bb1-8589-abd9b644327c/etc]
└─$ sudo unshadow
passwd shadow
>
/home/kali/Desktop/linuxpass.txt
┌──(kali㉿kali)-[/media/kali/48980cfe-953e-4bb1-8589-abd9b644327c/etc]
└─$
This
will result in a Linux password hash file on the desktop, change the directory to verify its location:
┌──(kali㉿kali)-[/media/kali/48980cfe-953e-4bb1-8589-abd9b644327c/etc]
└─$ cd /home/kali/Desktop
┌──(kali㉿kali)-[~/Desktop]
└─$ ls
linuxpass.txt
┌──(kali㉿kali)-[~/Desktop]
└─$
Run John against the Linux hash file, to crack the Password:
┌──(kali㉿kali)-[~/Desktop]
└─$ sudo john linuxpass.txt
Using default input encoding: UTF-8
No password hashes loaded (see FAQ)
┌──(kali㉿kali)-[~/Desktop]
└─$
However, the initial attempt at password cracking might not
succeed. Therefore, specifying the hash format and trying again is necessary.
┌──(kali㉿kali)-[~/Desktop]
└─$ sudo john —format=crypt linuxpass.txt
Using default input encoding: UTF-8
Loaded 4 password hashes with 4 different salts (crypt, generic crypt(3) [?/64])
Cost 1 (algorithm [1:descrypt 2:md5crypt 3:sunmd5 4:bcrypt 5:sha256crypt 6:sha512crypt]) is 0 for all loaded hashes
Cost 2 (algorithm specific iterations) is 1 for all loaded hashes
Proceeding with single, rules:Single
Press ‘q’ or Ctrl-C to abort, almost any other key for status
0g 0:00:00:49 32.69% 1/3 (ETA: 18:48:31) 0g/s 47.01p/s 47.01c/s 47.01C/s fubuntuubuntu..rubuntu
Session aborted
┌──(kali㉿kali)-[~/Desktop]
└─$
This process can be time-consuming due to the limited power of John the
Ripper’s built-in wordlist. To enhance our chances, let’s utilize a
pre-installed wordlist.
For this purpose, we will use rockyou.txt. First, locate the path of
rockyou.txt
and if this file
is in «
.gz
» format, we have to extract it using
gunzip
.
┌──(kali㉿kali)-[~]
└─$ locate rockyou.txt
/usr/share/wordlists/rockyou.txt.gz
┌──(kali㉿kali)-[~]
└─$ sudo gunzip /usr/share/wordlists/rockyou.txt.gz
┌──(kali㉿kali)-[~]
└─$
With the wordlist in place,
we’ll run John using this wordlist.
┌──(kali㉿kali)-[~/Desktop]
└─$ sudo john —format=crypt linuxpass.txt —wordlist=/usr/share/wordlists/rockyou.txt
Using default input encoding: UTF-8
Loaded 4 password hashes with 4 different salts (crypt, generic crypt(3) [?/64])
Cost 1 (algorithm [1:descrypt 2:md5crypt 3:sunmd5 4:bcrypt 5:sha256crypt 6:sha512crypt]) is 0 for all loaded hashes
Cost 2 (algorithm specific iterations) is 1 for all loaded hashes
Press ‘q’ or Ctrl-C to abort, almost any other key for status
password (user3)
1234 (ubuntu)
Thanks to the enriched wordlist, we’ve been able to
successfully crack two passwords. This underscores the impact of using a more
potent wordlist in the password-cracking process.
Example 5: How to Crack Windows Password?
.png)
In this scenario, I’m working with a
Windows machine
. For
the purpose of demonstration, I’ve established two new user accounts.
.png)
The goal
is to assess whether
John the Ripper
is capable of cracking the passwords
associated with these user accounts.
It is always important to know that,
Windows stores user account
passwords in a file called the
Security Account Manager (SAM)
file.
To crack Windows SAM file passwords, we need to obtain the
SAM and SYSTEM files from the Windows system. To get started, boot your system
with a Kali Linux USB drive.
.png)
Open the Windows Hard Disk, navigate to the Windows drive → Windows → System32 → config directory.
.png)
The next step involves copying and converting the extracted
hashes into a format that John the Ripper can comprehend. To do this, we will use
the
samdump2
command.
Open a terminal from here, and execute the following command to Kali home directory:
┌──(kali㉿kali)-[/media/…/8246686546685BC3/Windows/System32/config]
└─$ sudo samdump2
SYSTEM SAM
>
/home/kali/hashes.txt
┌──(kali㉿kali)-[/media/…/8246686546685BC3/Windows/System32/config]
└─$
With the hash file ready, use John the Ripper to crack
passwords:
┌──(kali㉿kali)-[/media/…/8246686546685BC3/Windows/System32/config]
└─$ cd
# Change the directory to /home/Kali
┌──(kali㉿kali)-[~]
└─$ ls # List the files and directories to verify the hash
Desktop Documents Downloads hashes.txt Music Pictures Public Templates Videos
┌──(kali㉿kali)-[~]
└─$ sudo john —format=
NT
hashes.txt
—wordlist=
/usr/share/wordlists/rockyou.txt
Created directory: /root/.john
Using default input encoding: UTF-8
Loaded 4 password hashes with no different salts (NT [MD4 256/256 AVX2 8×3])
Press ‘q’ or Ctrl-C to abort, almost any other key for status
iloveyou2 (Newuser)
microsoft (Microsoft)
(*disabled* Administrator)
2356 (windows8-pc)
4g 0:00:00:01 DONE (2023-08-19 15:18) 2.061g/s 6615Kp/s 6615Kc/s 6619KC/s 23560353..2355345a
Warning: passwords printed above might not be all those cracked
Use the «—show —format=NT» options to display all of the cracked passwords reliably
Session completed.
┌──(kali㉿kali)-[~]
└─$
John the Ripper will automatically begin the process of
cracking Windows passwords.
Conclusion
In conclusion, John the Ripper stands out as a robust
open-source password-cracking tool, proficient in cracking diverse password
hashes using multiple attack methods. On the other hand,
Johnny
presents a
user-friendly graphical interface that streamlines the utilization of John the
Ripper, making password-cracking tasks more approachable for users of all
levels.