John the Ripper: Difference between revisions
From charlesreid1
Revision as of 00:09, 17 August 2015
John the Ripper is a tool for password cracking and recovery.
John is part of the Kali Top 10.
How It Works
John works well with other programs: it does many things well, and each of those capabilities is valuable on its own and can be combined with other tools. For an example, see Aircrack and John the Ripper.
Password Generation
First, John has a powerful password generation mechanism. It does not simply take wordlists. It can generate many, many more passwords from those wordlists. For example, starting with a list of the 10,000 most common passwords, John can create additional lists with 400,000 or 8 million additional password variations to try. You can carefully control how those variations are generated to target your password search as you go.
Password Testing and Encryption
Second, John has support for many encryption mechanisms built-in, so it can handle a wide variety of password files. If you have a Unix password file with a list of users and encrypted passwords, John can brute force it.
Using John as a Password Generator
My introduction and main experience with John is feeding it wordlists and using it to generate passwords to test from that wordlist.
See John the Ripper/Password Generation
Using John to Crack WPA
You can convert airodump-ng pcap files into a format that John can understand using the following steps [1]:
cap2hccap
First, you'll need to convert the pcap to a hashcat capture (hccap) file, using the cap2hccap tool: http://sourceforge.net/projects/cap2hccap/files/
Download it and unzip it to a directory. Run make to build a tool called cap2hccap.bin, which you then run as an executable.
Call the bin file, pass it your cap file, then tell it where to output the hccap file:
$ ./cap2hccap.bin /path/to/my.cap my.hccap
hccap2john
Now you'll need to use hccap2john, a tool that comes with John the Ripper. If you don't have it (for example, if you installed John the Ripper from a package manager that doesn't build it), that's fine: you can make a local build of John and use the tool from there.
Download John the Ripper and build it:
$ tar xzf john-1.7.9-jumbo-7.tar.gz
$ cd john*
$ cd src
$ make linux-x86-64
Make sure you have LibSSL headers installed:
$ apt-get install libssl-dev
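Before passing my.hccap on to hccap2john, it is worth confirming that cap2hccap wrote well-formed records. The Python below is an added example, not part of the original page or of John or hashcat; it assumes hashcat's legacy 392-byte hccap record layout, and the sample record is constructed, not a real capture.

```python
import struct

# Legacy hashcat hccap record (assumed layout, not given on this page):
# essid[36] mac1[6] mac2[6] nonce1[32] nonce2[32] eapol[256]
# eapol_size(int32) keyver(int32) keymic[16], little-endian, 392 bytes.
HCCAP = struct.Struct("<36s6s6s32s32s256sii16s")


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_hccap(data):
    """Return one dict per handshake record; raise ValueError if malformed."""
    if not data or len(data) % HCCAP.size:
        raise ValueError(f"size {len(data)} is not a multiple of {HCCAP.size}")
    records = []
    for off in range(0, len(data), HCCAP.size):
        essid, ap, sta, n1, n2, eapol, size, keyver, mic = HCCAP.unpack_from(data, off)
        essid = essid.split(b"\x00", 1)[0]  # field is NUL-padded
        if not 1 <= len(essid) <= 32:
            raise ValueError(f"record at {off}: bad ESSID length {len(essid)}")
        if not 0 < size <= len(eapol):
            raise ValueError(f"record at {off}: bad eapol_size {size}")
        if keyver not in (1, 2):  # 1 = WPA (HMAC-MD5 MIC), 2 = WPA2 (HMAC-SHA1 MIC)
            raise ValueError(f"record at {off}: unexpected keyver {keyver}")
        records.append({
            "essid": essid.decode("utf-8", "replace"),
            "ap_mac": fmt_mac(ap),
            "client_mac": fmt_mac(sta),
            "keyver": keyver,
            "eapol_len": size,
            "mic": mic.hex(),
        })
    return records


# Constructed sample record (not a real capture).
SAMPLE = HCCAP.pack(b"lab-net", bytes.fromhex("020000000001"),
                    bytes.fromhex("020000000002"), bytes(range(32)),
                    bytes(range(32, 64)), b"\x01" * 121, 121, 2, b"\xaa" * 16)

if __name__ == "__main__":
    for rec in parse_hccap(SAMPLE):
        print(rec)
```

To check a real conversion, read the file with open("my.hccap", "rb").read() and pass the bytes to parse_hccap.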
References
John documentation: http://www.openwall.com/john/doc/OPTIONS.shtml
A fantastic and thorough list of tutorials for beginners: http://openwall.info/wiki/john/tutorials
WPA/WPA2 with John: http://openwall.info/wiki/john/WPA-PSK
John/Defcon Crack Me If You Can Contest: http://contest-2010.korelogic.com/
Using the korelogic rules: http://contest-2010.korelogic.com/rules.html
All the rules: http://openwall.info/wiki/_media/john/korelogic-rules-20100801.txt
Bunches of John + MPI tutorials: http://openwall.info/wiki/john/tutorials