John the Ripper (JtR)

Password cracker.

Installation

For Windows, download it from Openwall.

sudo apt install john

Help

john --help
john [OPTIONS] [PASSWORD-FILES]

Performance & GPUs

Benchmark

john --test
john --test  --format=<hash type>

For GPU, use a hash type ending with opencl:

john --test --format=raw-MD5-opencl

Use CPU cores for cracking

To significantly speed up the cracking speed, use the
–fork=NUMBER option, set the number of logical CPU cores (threads) on your computer as a number. For example, if there are 16 logical cores, then you need to use the –fork=16 option. You can also try if the number of physical cores is more efficient on your system.

john --format=<hash type> --fork=16 [...]

Use GPUs for cracking

Not all hash algorithms support GPU cracking (OpenCL).

List OpenCL devices

john --list=opencl-devices

Windows – no OpenCL devices detected

john --list=opencl-devices
Error: No OpenCL-capable platforms were detected by the installed OpenCL driver.
Error: No OpenCL-capable devices were detected by the installed OpenCL driver.

Locate the vendor’s OpenCL dll file (example with NVIDIA):

C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_ad813833cb149cd8\nvopencl64.dll

Edit the the .icd file and point it to the correct vendor DLL file:

...<john folder>\etc\OpenCL\vendors\nvidia.icd

Compatible hash types

Use formats ending with “opencl”. These are available in the community-enhanced “jumbo” version of John the Ripper.

john --list=formats --format=opencl
sha1crypt-opencl, KeePass-opencl,
oldoffice-opencl, PBKDF2-HMAC-MD4-opencl, PBKDF2-HMAC-MD5-opencl,
PBKDF2-HMAC-SHA1-opencl, rar-opencl, RAR5-opencl, TrueCrypt-opencl,
lotus5-opencl, AndroidBackup-opencl, agilekeychain-opencl, ansible-opencl,
axcrypt-opencl, axcrypt2-opencl, bcrypt-opencl, BitLocker-opencl,
bitwarden-opencl, blockchain-opencl, cloudkeychain-opencl, md5crypt-opencl,
sha256crypt-opencl, sha512crypt-opencl, dashlane-opencl, descrypt-opencl,
diskcryptor-opencl, diskcryptor-aes-opencl, dmg-opencl,
electrum-modern-opencl, EncFS-opencl, enpass-opencl, ethereum-opencl,
ethereum-presale-opencl, FVDE-opencl, geli-opencl, gpg-opencl, iwork-opencl,
keychain-opencl, keyring-opencl, keystore-opencl, krb5pa-md5-opencl,
krb5pa-sha1-opencl, krb5asrep-aes-opencl, lp-opencl, lpcli-opencl, LM-opencl,
mscash-opencl, mscash2-opencl, mysql-sha1-opencl, notes-opencl, NT-opencl,
ntlmv2-opencl, o5logon-opencl, ODF-opencl, office-opencl,
OpenBSD-SoftRAID-opencl, PBKDF2-HMAC-SHA256-opencl,
PBKDF2-HMAC-SHA512-opencl, pem-opencl, pfx-opencl, pgpdisk-opencl,
pgpsda-opencl, pgpwde-opencl, PHPass-opencl, pwsafe-opencl, RAKP-opencl,
raw-MD4-opencl, raw-MD5-opencl, raw-SHA1-opencl, raw-SHA256-opencl,
raw-SHA512-free-opencl, raw-SHA512-opencl, salted-SHA1-opencl, sappse-opencl,
7z-opencl, SL3-opencl, solarwinds-opencl, ssh-opencl, sspr-opencl,
strip-opencl, telegram-opencl, tezos-opencl, vmx-opencl, wpapsk-opencl,
wpapsk-pmk-opencl, XSHA512-free-opencl, XSHA512-opencl, ZIP-opencl

Example with MD5

john --format=raw-MD5-opencl --mask='?a' --min-length=1 --max-length=8 hash.txt

Monitor progress

Emit a status line every N seconds.

john --progress-every=60 [...]

Hash

Hash types

See John The Ripper Hash Formats (PentestMonkey).

john --list=formats
Created directory: /root/.john
descrypt, bsdicrypt, md5crypt, md5crypt-long, bcrypt, scrypt, LM, AFS, tripcode, AndroidBackup, adxcrypt, agilekeychain, aix-ssha1, aix-ssha256, aix-ssha512, andOTP, ansible, argon2, as400-des, as400-ssha1, asa-md5, AxCrypt, AzureAD, BestCrypt, bfegg, Bitcoin, BitLocker, bitshares, Bitwarden, BKS, Blackberry-ES10, WoWSRP, Blockchain, chap, Clipperz, cloudkeychain, dynamic_n, cq, CRC32, sha1crypt, sha256crypt, sha512crypt, Citrix_NS10, dahua, dashlane, diskcryptor, Django, django-scrypt, dmd5, dmg, dominosec, dominosec8, DPAPImk, dragonfly3-32, dragonfly3-64, dragonfly4-32, dragonfly4-64, Drupal7, eCryptfs, eigrp, electrum, EncFS, enpass, EPI, EPiServer, ethereum, fde, Fortigate256, Fortigate, FormSpring, FVDE, geli, gost, gpg, HAVAL-128-4, HAVAL-256-3, hdaa, hMailServer, hsrp, IKE, ipb2, itunes-backup, iwork, KeePass, keychain, keyring, keystore, known_hosts, krb4, krb5, krb5asrep, krb5pa-sha1, krb5tgs, krb5-17, krb5-18, krb5-3, kwallet, lp, lpcli, leet, lotus5, lotus85, LUKS, MD2, mdc2, MediaWiki, monero, money, MongoDB, scram, Mozilla, mscash, mscash2, MSCHAPv2, mschapv2-naive, krb5pa-md5, mssql, mssql05, mssql12, multibit, mysqlna, mysql-sha1, mysql, net-ah, nethalflm, netlm, netlmv2, net-md5, netntlmv2, netntlm, netntlm-naive, net-sha1, nk, notes, md5ns, nsec3, NT, o10glogon, o3logon, o5logon, ODF, Office, oldoffice, OpenBSD-SoftRAID, openssl-enc, oracle, oracle11, Oracle12C, osc, ospf, Padlock, Palshop, Panama, PBKDF2-HMAC-MD4, PBKDF2-HMAC-MD5, PBKDF2-HMAC-SHA1, PBKDF2-HMAC-SHA256, PBKDF2-HMAC-SHA512, PDF, PEM, pfx, pgpdisk, pgpsda, pgpwde, phpass, PHPS, PHPS2, pix-md5, PKZIP, po, postgres, PST, PuTTY, pwsafe, qnx, RACF, RACF-KDFAES, radius, RAdmin, RAKP, rar, RAR5, Raw-SHA512, Raw-Blake2, Raw-Keccak, Raw-Keccak-256, Raw-MD4, Raw-MD5, Raw-MD5u, Raw-SHA1, Raw-SHA1-AxCrypt, Raw-SHA1-Linkedin, Raw-SHA224, Raw-SHA256, Raw-SHA3, Raw-SHA384, ripemd-128, ripemd-160, rsvp, Siemens-S7, Salted-SHA1, SSHA512, sapb, sapg, saph, sappse, securezip, 7z, Signal, SIP, skein-256, skein-512, skey, SL3, Snefru-128, Snefru-256, LastPass, SNMP, solarwinds, SSH, sspr, Stribog-256, Stribog-512, STRIP, SunMD5, SybaseASE, Sybase-PROP, tacacs-plus, tcp-md5, telegram, tezos, Tiger, tc_aes_xts, tc_ripemd160, tc_ripemd160boot, tc_sha512, tc_whirlpool, vdi, OpenVMS, vmx, VNC, vtp, wbb3, whirlpool, whirlpool0, whirlpool1, wpapsk, wpapsk-pmk, xmpp-scram, xsha, xsha512, ZIP, ZipMonster, plaintext, has-160, HMAC-MD5, HMAC-SHA1, HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, HMAC-SHA512, dummy, crypt

Wordlist

Crack hashes using a wordlist

WL=/usr/share/wordlists/rockyou.txt

# Crack Linux passwords
sudo /usr/sbin/unshadow /etc/passwd /etc/shadow > ~/passwords.txt
john --wordlist=$WL ~/passwords.txt
john --show ~/passwords.txt

Word list generation

abc0 to abc9

john --mask=abc?d --stdout

Mask attack

Mask: ?l (lowercase), ?u (uppercase), ?d (digits), ?s (specials), ?a (all), [aouei] (range)

8 chars: Upper + Lower*5 + Digit + Special, e.g. Abcdef1!

john --format=<hash type> --mask='?u?l?l?l?l?l?d?s' hash.txt

8 chars: All characters (lower, upper, digit, special)

For performance reasons, set the fork number (for using CPU) or use OpenCL hash format (for using GPUs).

john --format=<hash type> --mask='?a?a?a?a?a?a?a?a' --fork=16 hash.txt
john --format=<hash type> --mask='?a' --length=8 --fork=16 hash.txt

1 to 8 chars: All characters

john --format=<hash type> --mask='?a' --min-length=1 --max-length=8 hash.txt

Kerberoast Tickets

Obtain tickets using Mimikatz.

Convert tickets to John format

There is an issue with kirbi2john already present in Kali, so download the latest version of Kerberoast and use that version.

cd /home/kali
git clone https://github.com/nidem/kerberoast.git
KIRBI=/home/kali/<filename>.kirbi
python3 /home/kali/kerberoast/kirbi2john.py $KIRBI > ${KIRBI}.john

Crack tickets

WL=/home/kali/wl.txt
john --wordlist=$WL ${KIRBI}.john

ZIP files

ZIPFILE=file.zip
WL=/usr/share/wordlists/rockyou.txt
zip2john $ZIPFILE > zip.txt
john --wordlist=${WL} zip.txt

Oracle

HASH=/root/hash.txt
WL=/usr/share/wordlists/rockyou.txt

# formats: oracle, oracle11, Oracle12C
john --format=oracle --wordlist=$WL $HASH
john --show $HASH

Usage

SSH private keys

John the Ripper isn’t cracking the file itself (i.e. the number of bytes in the generated key doesn’t matter), JtR is just cracking the private key’s encrypted password.

# Create the public/private key pair with a predictable password:
ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/id_rsa_jtr_test
Enter passphrase (empty for no passphrase): password

# Create encrypted zip
cd ~/.ssh
python /usr/share/john/ssh2john.py id_rsa_jtr_test > id_rsa_jtr_test.hash

# Dictionary attack
WL=/usr/share/wordlists/rockyou.txt
john --wordlist=$WL id_rsa_jtr_test.hash

john --show id_rsa_jtr_test.hash

Hash types that can be cracked

locate *2john*
/usr/sbin/bitlocker2john
/usr/sbin/dmg2john
/usr/sbin/gpg2john
/usr/sbin/hccap2john
/usr/sbin/keepass2john
/usr/sbin/putty2john
/usr/sbin/racf2john
/usr/sbin/rar2john
/usr/sbin/uaf2john
/usr/sbin/vncpcap2john
/usr/sbin/wpapcap2john
/usr/sbin/zip2john
/usr/share/doc/john/README.7z2john.md
/usr/share/doc/john/pcap2john.readme.gz
/usr/share/john/1password2john.py
/usr/share/john/7z2john.pl
/usr/share/john/DPAPImk2john.py
/usr/share/john/adxcsouf2john.py
/usr/share/john/aem2john.py
/usr/share/john/aix2john.pl
/usr/share/john/aix2john.py
/usr/share/john/andotp2john.py
/usr/share/john/androidbackup2john.py
/usr/share/john/androidfde2john.py
/usr/share/john/ansible2john.py
/usr/share/john/apex2john.py
/usr/share/john/applenotes2john.py
/usr/share/john/aruba2john.py
/usr/share/john/axcrypt2john.py
/usr/share/john/bestcrypt2john.py
/usr/share/john/bitcoin2john.py
/usr/share/john/bitshares2john.py
/usr/share/john/bitwarden2john.py
/usr/share/john/bks2john.py
/usr/share/john/blockchain2john.py
/usr/share/john/ccache2john.py
/usr/share/john/cisco2john.pl
/usr/share/john/cracf2john.py
/usr/share/john/dashlane2john.py
/usr/share/john/deepsound2john.py
/usr/share/john/diskcryptor2john.py
/usr/share/john/dmg2john.py
/usr/share/john/ecryptfs2john.py
/usr/share/john/ejabberd2john.py
/usr/share/john/electrum2john.py
/usr/share/john/encfs2john.py
/usr/share/john/enpass2john.py
/usr/share/john/ethereum2john.py
/usr/share/john/filezilla2john.py
/usr/share/john/geli2john.py
/usr/share/john/hccapx2john.py
/usr/share/john/htdigest2john.py
/usr/share/john/ibmiscanner2john.py
/usr/share/john/ikescan2john.py
/usr/share/john/itunes_backup2john.pl
/usr/share/john/iwork2john.py
/usr/share/john/kdcdump2john.py
/usr/share/john/keychain2john.py
/usr/share/john/keyring2john.py
/usr/share/john/keystore2john.py
/usr/share/john/kirbi2john.py
/usr/share/john/known_hosts2john.py
/usr/share/john/krb2john.py
/usr/share/john/kwallet2john.py
/usr/share/john/lastpass2john.py
/usr/share/john/ldif2john.pl
/usr/share/john/libreoffice2john.py
/usr/share/john/lion2john-alt.pl
/usr/share/john/lion2john.pl
/usr/share/john/lotus2john.py
/usr/share/john/luks2john.py
/usr/share/john/mac2john-alt.py
/usr/share/john/mac2john.py
/usr/share/john/mcafee_epo2john.py
/usr/share/john/monero2john.py
/usr/share/john/money2john.py
/usr/share/john/mozilla2john.py
/usr/share/john/multibit2john.py
/usr/share/john/neo2john.py
/usr/share/john/office2john.py
/usr/share/john/openbsd_softraid2john.py
/usr/share/john/openssl2john.py
/usr/share/john/padlock2john.py
/usr/share/john/pcap2john.py
/usr/share/john/pdf2john.pl
/usr/share/john/pem2john.py
/usr/share/john/pfx2john.py
/usr/share/john/pgpdisk2john.py
/usr/share/john/pgpsda2john.py
/usr/share/john/pgpwde2john.py
/usr/share/john/prosody2john.py
/usr/share/john/ps_token2john.py
/usr/share/john/pse2john.py
/usr/share/john/pwsafe2john.py
/usr/share/john/radius2john.pl
/usr/share/john/radius2john.py
/usr/share/john/sap2john.pl
/usr/share/john/signal2john.py
/usr/share/john/sipdump2john.py
/usr/share/john/ssh2john.py
/usr/share/john/sspr2john.py
/usr/share/john/staroffice2john.py
/usr/share/john/strip2john.py
/usr/share/john/telegram2john.py
/usr/share/john/tezos2john.py
/usr/share/john/truecrypt2john.py
/usr/share/john/vdi2john.pl
/usr/share/john/vmx2john.py