John The Ripper

Room Link: https://tryhackme.com/room/johntheripper0

Hash ID

Great tool that the room provides, use it to identify the hash type when John can't identify the hash by itself.

wget https://gitlab.com/kalilinux/packages/hash-identifier/-/raw/kali/master/hash-id.py

Walkthrough

Cracking Basic Hashes

What type of hash is hash1.txt?

According to hash-id MD5 is the most likely format.

cat hash1.txt
python3 hash-id.py 2e728dd31fb5949bc39cac5a9f066498

What is the cracked value of hash1.txt?

john --format=raw-md5 hash1.txt

What type of hash is hash2.txt?

SHA-1 is the most likely possible hash.

cat hash2.txt
python hash-id.py 1A732667F3917C0F4AA98BB13011B9090C6F8065

What is the cracked value of hash2.txt

john --format=raw-sha1 hash2.txt

What type of hash is hash3.txt?

cat hash3.txt 
python hash-id.py D7F4D3CCEE7ACD3DD7FAD3AC2BE2AAE9C44F4E9B7FB802D73136D4C53920140A

What is the cracked value of hash3.txt

john --format=raw-sha256 hash3.txt --wordlist=/usr/share/wordlists/rockyou.txt

What type of hash is hash4.txt?

cat hash4.txt 
python hash-id.py c5a60cc6bbba781c601c5402755ae1044bbf45b78d1183cbf2ca1c865b6c792cf3c6b87791344986c8a832a0f9ca8d0b4afd3d9421a149d57075e1b4e93f90bf

What is the cracked value of hash4.txt

john --format=raw-sha512 hash4.txt --wordlist=/usr/share/wordlists/rockyou.txt

SHA-512 didn't work.

Hash was Whirlpool which hash-id also thought it could be.

john --format=whirlpool hash4.txt --wordlist=/usr/share/wordlists/rockyou.txt

Cracking Windows Authentication Hashes

What do we need to set the "format" flag to, in order to crack this?

Flag should be set to NT

python hash-id.py 5460C85BD858A11475115D2DD3A82333

What is the cracked value of this password?

john --format=nt ntlm.txt --wordlist=/usr/share/wordlists/rockyou.txt

Cracking /etc/shadow Hashes

What is the root password?

john --wordlist=/usr/share/wordlists/rockyou.txt --format=sha512crypt etchashes.txt

Single Crack Mode

Identified the hash as MD5 and added Jokers username to the file.

cat hash7.txt
python hash-id.py 7bf6d9bb82bed1302f331fc6b816aada
vi hash7.txt
john --single --format=raw-md5 hash7.txt

Cracking Password Protected Zip Files

zip2john secure.zip > secure_john.txt
john --wordlist=/usr/share/wordlists/rockyou.txt secure_john.txt

Cracking Password Protected RAR Archives

/opt/john/rar2john secure.rar > secure_john.txt
john --wordlist=/usr/share/wordlists/rockyou.txt secure_john.txt

Cracking SSH Keys with John

/opt/john/ssh2john.py idrsa.id_rsa > id_john.txt
john --wordlist=/usr/share/wordlists/rockyou.txt id_john.txt

PreviousPickle RickNextAttacktive Directory

Last updated