Main:advertisement
Detailed tutorial on jtr usage.
I'm writing this tutorial on john the ripper to help people understand it better.
First thing to note is jtr is run in dos mode, Got lots of pm's that people can't get it to work when they click on it. No Clicking!
First let's download jtr:http://www.openwall.com/john/
Unix=tar.gz windows=binaries,zip.
We are going to use windows on this one,so unzip the file to harddrive.
Good next we need to load some wordlists for cracking, Here are a few to use:
cain and abel wordlists
http://www.theargon.com/achilles/wordlists/
Google wordlist,dictionary files.
For this tut our wordlist will be wordlist.txt
Next we need the hash we'll use 32b1b6b90608cc6ebcdef12e2bec9282.
Set this up in notepad, You need to define a name for your hash to crack.
IE: admin:32b1b6b90608cc6ebcdef12e2bec9282. Now rename and save it to
Johnrun. For this tut ours will be pass.txt
Ok let's crack, Open john, Start-run-cmd. Cd to john1701, cd to run.
To check your files type dir this will list all your password files and wordlists for referrance
Here are the most basic commands to use:
Dictionary attack:
John-386 -w:wordlist.txt pass.txt (you'll have more wordlists by now so change wordlist.txt to any dictionary file you have)
Simple attack:
john-386 si pass.txt
Brute forcing:
john-386 pass.txt
john-386 -i:alpha pass.txt
john-386 -i:digits pass.txt
john-386 -i:all pass.txt
Force cracking:
john-386 -format:des pass.txt (replace des with the type of hash you are trying to crack
bsdi,md5,lm)
Important to note john will not show you it's progress just hit the enter key to see where your at.
To stop cracking hit Ctrl-c. To resume at a later time type john-386 -restore, It will pick up where it left off.
To check your passwords that you've already done navigate to john.pot file on your harddrive (Not dos)
Hope this helps people get started in using jtr. There are more commands to use
check your john-386.exe file and experiment.
Thanks for reading:
KORG
Posted by 
