Follow us on Twitter!
It is never to LATE to become what you never WERE.
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 34
Guests Online: 34
Members Online: 0

Registered Members: 82832
Newest Member: SerMSYS
Latest Articles

John the Ripper for Dummies

Arrow Image A reference for the rest of us! Learn the basics of John and some handy word lists as well.



John the Ripper is an extremely useful and bloody fast decryption tool that can be used for several types of hashes, today I will only cover DES being that it is the most common type.

A DES looks something along the lines of this
lemur:anfoewnfona
don\'t bother to decrypt that, I made it up.

First off you notice that when you click on it, what happens? A command prompt flies by your face! Where\'d it go? It\'s an application known as command line, you must open it through cmd or terminal depending on your OS.

Cd to its directory and type the application name, take a look at the options you see there, this is how John works.

Take ALL DES hashes you want cracked and put them in the file passwd.txt . Once you have that you need a good wordlist. The best I know of are from The Argon List.
http://www.theargon.com

Got a nice big one downloaded? Put it in Johns directory for convenience sakes.

Open up john. A simple way to crack them is the wordlist mode, enter the command

john -w:wordlisthere passfilehere > result.txt

this will use your word list and output the result to a text file in the same directory. Simple enough, fast, easy, and dang useful for some things!

If you get a no pass hashes loaded error them your password file isn\'t configured properly.

Have fun with John!

Comments

Futilityon February 26 2008 - 21:47:22
Plenty of better articles written on this. What happens when the wordlist doesn't get the pass? What other commands are there for use in JTR? Maybe you should have gone into what the format of the hash means? It's called JTR for dummies, not 'how to crack DES hashes using a wordlist and JTR' But that's just my opinion- who knows, maybe you helped someone out?
korgon February 27 2008 - 07:59:40
Deffo for dummies, I know you can do better than this dude.
ncjieon March 10 2008 - 04:15:00
Quoted From Lemur "If you get a no pass hashes loaded error them your password file isn't configured properly." It can be the password is cracked. Which is stored inside the john.pot file.. Wink
xzebraxon November 23 2008 - 17:32:26
You're a faggot, Lemur!
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.