IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [john-the-ripper]

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version ("jumbo"). [openwall.com]

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version. [openwall.com]

126 questions
10
votes
1 answer

Use John the Ripper to break Password Protected Zip

I installed kali linux, that comes with John the ripper. I have a password-protected zip file. I'm pretty sure the password is complex. I first convert the zip into a hash: sudo zip2john FILE_LOCATION > zippedzip.txt It took around 20 seconds to…
Tarun Ravi
  • 101
  • 1
  • 1
  • 3
3
votes
1 answer

How do I select the correct hash value / Why is my hash so extremely long?

I have used zip2john to get the hash for a zip file like that: zip2john.exe myfile.zip > hash.txt john told me: ver 2.0 myfile.zip/SomeDir/SomeFile.itv PKZIP Encr: cmplen=11813, decmplen=20364, crc=9CA2F026 ver 2.0 myfile.zip/packageInfo.plist…
tmighty
  • 141
  • 1
  • 9
2
votes
0 answers

John The Ripper: "No such file or directory"

I am using John the Ripper jumbo release on Windows: 1.9.0-jumbo-1 64-bit Windows binaries I am told that there MIGHT be 2 different passwords in the zip file. To avoid problems, I should pick only 1 file. To do that, I should use the -o option. If…
tmighty
  • 141
  • 1
  • 9
2
votes
1 answer

John the Ripper: Output meaning - wordlist mode

Does the result output line of john the ripper show all the words tried? E.g. does this line 0g 0:00:00:08 DONE (2022-03-11 06:00) 0g/s 1665Kp/s 1665Kc/s 1665KC/s 99CS .. 9999 mean that john tried all the words in the range between 99CS and 9999? Or…
Bat
  • 121
  • 5
2
votes
1 answer

Generate a wordlist using John the Ripper

I want to generate wordlist with these rules: 8 characters, at least one uppercase letter, at least one lowercase letter, exactly two numbers. I've done a lot of google searching, and can't seem to understand how to do this. Can I get some…
john
  • 21
  • 1
  • 3
2
votes
1 answer

John the Ripper Brute Force not working (Windows Hash)

I'm pentesting for a class in Kali Linux, cracking a Windows 7 password. I mounted the windows' hard drive in Kali, ran PWDUMP7 and got the hashes saved on the desktop. It's only showing some of the users, but not any that I created for…
C-Love511
  • 123
  • 1
  • 5
1
vote
1 answer

John The Ripper hash does not correlate with hashcat example hash

I want to recover a zip password using hashcat. hashcat requires the hash of the desired password. In order to obtain it, I have tried using zip2john using: sudo zip2john /home/kali/Desktop/myfile.zip > hash.txt It works and outputs a hash. This…
tmighty
  • 141
  • 1
  • 9
1
vote
2 answers

John The Ripper - how to try all combinations from individual given expressions in a password list?

In order to understand what should be done in a real user case, I made this test: I created a GnuPG key, with the passphrase twothree I exported the private key part of it (ASCII armored) I generated the hash file for this part by using the…
secarica
  • 113
  • 4
1
vote
1 answer

why doesn't john work on an unshadow file

I was trying to unshadow my passwd and shadow file on the new version of john. However, every time I try to use john to decrypt the hash it throws an error. Using default input encoding: UTF-8 No password hashes loaded (see FAQ) But if I go to take…
salluc 1
  • 11
  • 3
1
vote
1 answer

Understanding the output of John the Ripper

The hash I am trying to break is 279412f945939ba78ce0758d3fd83daa, it's part of a task for learning John. I created a file hash.txt using: echo -n 279412f945939ba78ce0758d3fd83daa > hash.txt. Then, I tried running hashid over it and it gave me md2,…
Sohail
  • 111
  • 1
  • 4
1
vote
0 answers

John the Ripper add special characters

I have been trying to do this for hours and can´t really figure this out. How can I pass only this range of signs to John the Ripper? ./john hashes --mask=Pepito[1234567890!"·$%&/()=|@#~€]--min-length=9 --max-length=21 I basically know half of the…
Roger
  • 11
  • 1
  • 2
1
vote
0 answers

Normal for John the Ripper to fail to crack password after having successfully cracked it before?

The first two or three times I ran it, John the Ripper successfully cracked a password file with a single hashed password. Since then, however, I've only been getting this result (with the same password file and JtR version): 0 password hashes…
NoWayWhatsoever
  • 11
  • 1
1
vote
0 answers

No password hashes loaded john the ripper

I'm trying to use john the ripper to vbulletin hashes. Example command here; john -w: D:\Leak\1.2billion.txt -form:dynamic_1007 C:\Users\fatih\Desktop\m2711\m2711-2.hash output: Warning: invalid UTF-8 seen reading D:\Leak\1.2billion.txt Using…
Fatih Durmuş
  • 9
  • 1
  • 5
1
vote
0 answers

Trying to customize john rules, require at least one symbol in passwords

I"m trying to crack passwords that contains at least one symbol, e.g qwe@123 I'm reading through the cheat sheet here, didn't find anything relevant, does anyone know?
daisy
  • 2,067
  • 7
  • 31
  • 44
1
vote
1 answer

John the Ripper known part of password

For migration purposes i need to get the plaintext password for all our accounts, stored in the shadow file. Our system uses usernames in the format "firstname.lastname" and password is either "firstname + single_number + single_letter" or "lastname…
tilkov
  • 113
  • 4
1
2