
John The Ripper Guide

July 31, 2023 · 7 minute read

Introduction

DISCLAIMER: The information provided in this article is intended for EDUCATIONAL purposes only. It is NOT intended to promote, encourage, or condone any illegal or unethical activities. Any actions taken based on information provided in this article are at the sole discretion and risk of the user. By reading this article, you acknowledge and agree to these terms.
John The Ripper is an open-source password cracking tool developed by Solar Designer, also known as Alexander Peslyak. John The Ripper's primary purpose is to crack password hashes using various methods such as dictionary attacks, brute-force attacks, and rainbow table attacks. It is designed to exploit common weaknesses in password security systems.
Hashing passwords is a process that converts plaintext passwords into a seemingly indecipherable string of characters. This approach offers significant security improvements over storing passwords in plaintext. It's important to recognize that even storing passwords as hashes isn't foolproof against cyber attacks. Certain techniques such as "Pass the Hash" or hash-cracking are still highly effective against weak hashing algorithms or weak passwords.
Here are some of the most prominent attacks on passwords:
John the Ripper works by performing a process known as "brute-forcing" or a "dictionary attack". However, this is only effective in cases where weak or commonly used passwords are employed. If strong and unique passwords are employed, dictionary attacks and brute-forcing techniques are much less likely to succeed. Dictionary attacks use "wordlists": files containing a vast collection of words and phrases commonly used in passwords. One of the most well-known and widely used wordlists is rockyou.txt. This specific wordlist contains millions of user passwords from a data breach in 2009.
JtR is extremely versatile, as it can crack a wide array of formats, from ZIP files, Linux passwords, and NTLM hashes to RAR archives, SSH keys, and more. In this post I'll only cover cracking basic hashes; however, usage of the program remains relatively consistent irrespective of the specific type of hash we are trying to crack.

Cracking Hashes

Basic Dictionary Attack

A dictionary attack involves using a list of words from a dictionary file to try and crack passwords. Here's an example of how to run a dictionary attack using JtR:
┌──(root㉿kali)-[/home/kali]
└─# john --wordlist=dictionary.txt hashes.txt
While John has automatic hash recognition functionality, for accuracy it is advisable to identify the exact hash type from the start. There are several offline tools, manual methods, and online services available to help you determine the hashing algorithm. I personally recommend hash-id.py by Zion3R.
Here's an example of how you can use JtR with a hash format specified:
┌──(root㉿kali)-[/home/kali]
└─# john --format=raw-sha256 --wordlist=rockyou.txt hashes.txt
In this example --format=raw-sha256 tells John that the hashing algorithm used is SHA-256.

Salted Hashes

To crack salted hashes, JtR requires knowledge of the salt. John has no --salt option for supplying a salt value (the similarly named --salts=N only filters the loaded hashes by how many share a salt). Instead, the salt travels in the hash file itself, in the layout the chosen format expects, and you pick a format that knows where the salt sits. For example, john's dynamic_61 subformat, documented as sha256($s.$p), reads lines of the form $dynamic_61$<hex hash>$<salt>:
┌──(root㉿kali)-[/home/kali]
└─# john --format=dynamic_61 --wordlist=rockyou.txt hashes.txt

Practical Example

┌──(root㉿kali)-[/home/kali]
└─# john --format=raw-sha256 --wordlist=/usr/share/wordlists/rockyou.txt hash.txt
Using default input encoding: UTF-8
Loaded 1 password hash (Raw-SHA256 [SHA256 256/256 AVX2 8x])
Warning: poor OpenMP scalability for this hash type, consider --fork=2
Will run 2 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
asdfghjkl        (?)
1g 0:00:00:00 DONE (2023-08-08 15:48) 7.692g/s 756184p/s 756184c/s 756184C/s rozalia..Dominic1
Use the "--show --format=Raw-SHA256" options to display all of the cracked passwords reliably
Session completed.
┌──(root㉿kali)-[/home/kali]
└─#

Windows NTLM Hashes

Cracking NTLM hashes is particularly useful as they are specifically employed within Windows operating systems and can be acquired post-exploitation by dumping the SAM or using a tool like Mimikatz.
In Windows operating systems, local user account passwords are stored as NTLM hashes. NTLM is an authentication protocol used by Windows for validating user credentials. When a user sets or changes their password, Windows generates an NTLM hash of the password and stores it in the Security Account Manager (SAM). A privileged user can extract and dump the contents of the SAM database, which includes the hashes. NTLM is a legacy protocol; however, it is still somewhat in use today, and it is being phased out in favour of more secure protocols like Kerberos.
Below is an example where I dump the SAM database using Pwdump7. For obvious reasons, I have slightly modified the values in the NTLM hashes.
PS C:\Users\sdao7\Downloads\pwdump7> .\PwDump7.exe
Pwdump v7.1 - raw password extractor
Author: Andres Tarasco Acuna
url: http://www.514.es
Administrator:500:58019DE345717430FF18B658A2D1C1C1:724BBAAF84BB6ECD5V1C63EEDEE85Z77:::
Guest:501:BF771F2391FD8132D502B96016787A57:11824D71B2547504ACE51F90C9072B30:::
When dumping the SAM database or using a tool like Pwdump to extract passwords, each line follows this particular syntax: username:RID:LM hash:NT hash:::, with the two hashes written as 32 hex characters each.
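As an added example (not from the original post), a small audit script for that pwdump line syntax: it parses username:RID:LM:NT::: records and flags the two things a defender wants to know from a SAM dump, accounts whose NT hash is the hash of the empty string (blank password) and accounts that still store a real LM hash rather than the well-known "no LM hash" placeholder. The sample dump and its hash values are constructed placeholders.

```python
import re
from typing import Dict, List

# Well-known constants (facts about Windows, not values from the post):
# LM field stored when LM hashing is disabled, and NT hash of the empty password.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
HEX32 = re.compile(r"^[0-9a-f]{32}$")

# Constructed sample dump in pwdump syntax; every hash here is a placeholder.
SAMPLE_DUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:0f0e0d0c0b0a09080706050403020100:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
legacy:1001:fedcba9876543210fedcba9876543210:0123456789abcdef0123456789abcdef:::
broken:1002:zz771f2391fd8132d502b96016787a57:11824d71b2547504ace51f90c9072b30:::
"""


def parse_pwdump_line(line: str) -> Dict[str, str]:
    """Split 'user:RID:LM:NT:::' into fields; raise ValueError on malformed input."""
    parts = line.strip().split(":")
    if len(parts) < 4:
        raise ValueError(f"not a pwdump line: {line!r}")
    user, rid, lm, nt = parts[0], parts[1], parts[2].lower(), parts[3].lower()
    if not rid.isdigit() or not HEX32.match(lm) or not HEX32.match(nt):
        raise ValueError(f"malformed RID or hash field in: {line!r}")
    return {"user": user, "rid": rid, "lm": lm, "nt": nt}


def audit_dump(dump: str) -> List[Dict[str, str]]:
    """Return one finding per problematic account; clean accounts produce nothing."""
    findings = []
    for line in dump.splitlines():
        if not line.strip():
            continue
        try:
            rec = parse_pwdump_line(line)
        except ValueError as exc:
            findings.append({"user": line.split(":")[0], "issue": "unparsable", "detail": str(exc)})
            continue
        if rec["nt"] == EMPTY_NT:
            findings.append({"user": rec["user"], "issue": "blank-password",
                             "detail": "NT hash equals hash of the empty password"})
        elif rec["lm"] != EMPTY_LM:
            findings.append({"user": rec["user"], "issue": "lm-hash-present",
                             "detail": "legacy LM hash stored; disable LM hash storage"})
    return findings


if __name__ == "__main__":
    for finding in audit_dump(SAMPLE_DUMP):
        print(f"{finding['user']:<14} {finding['issue']:<16} {finding['detail']}")
```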
You can find a list of all supported john formats with the following command:
root@offset:~/Desktop john --list=formats
descrypt, bsdicrypt, md5crypt, md5crypt-long, bcrypt, scrypt, LM, AFS, tripcode, AndroidBackup, adxcrypt, agilekeychain, aix-ssha1, aix-ssha256, aix-ssha512, andOTP, ansible, argon2, as400-des, as400-ssha1, asa-md5, AxCrypt, AzureAD, BestCrypt, bfegg, Bitcoin, BitLocker, bitshares, Bitwarden, BKS, Blackberry-ES10, WoWSRP, Blockchain, chap, Clipperz, cloudkeychain, dynamic_n, cq, CRC32, sha1crypt, sha256crypt, sha512crypt, Citrix_NS10, dahua, dashlane, diskcryptor, Django, django-scrypt, dmd5, dmg, dominosec, dominosec8, DPAPImk, dragonfly3-32, dragonfly3-64, dragonfly4-32, dragonfly4-64, Drupal7, eCryptfs, eigrp, electrum, EncFS, enpass, EPI, EPiServer, ethereum, fde, Fortigate256, Fortigate, FormSpring, FVDE, geli, gost, gpg, HAVAL-128-4, HAVAL-256-3, hdaa, hMailServer, hsrp, IKE, ipb2, itunes-backup, iwork, KeePass, keychain, keyring, keystore, known_hosts...
root@offset:~/Desktop john
John the Ripper 1.9.0-jumbo-1+bleeding-51f7f3dcd 2020-09-01 13:29:43 +0200 OMP [linux-gnu 64-bit x86_64 AVX2 AC]
Copyright (c) 1996-2019 by Solar Designer and others
Homepage: https://www.openwall.com/john/

Security Measures

John The Ripper has significantly impacted the way organizations approach cybersecurity. Nowadays, the majority of organizations utilize much more robust authentication methods such as two-factor authentication (2FA), biometrics, and use of hardware tokens.
To mitigate vulnerabilities associated with hash cracking, the following measures are crucial to protecting your online accounts.

Use Strong Algorithms

Adopt modern, more secure hashing algorithms such as bcrypt, scrypt, or Argon2, which are specifically designed to resist current and future attack techniques. These hashing algorithms are the gold standard for password security in modern cryptography.
bcrypt is a widely used hashing algorithm developed by Niels Provos and David Mazières specifically to address the weaknesses of older hashing algorithms. bcrypt offers better security by deliberately making each hash computation slow, which makes it much harder for attackers to crack passwords through brute force or parallelization.
scrypt was developed by Colin Percival with the aim of countering brute-force and rainbow table attacks by demanding a large amount of memory to compute each hash. This memory-intensive property makes it particularly resistant to the hardware-accelerated attacks that GPUs are commonly used for.
Argon2 is a hashing algorithm designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich. Argon2 makes use of memory-intensive operations, making it resilient against both brute-force and GPU-based attacks. Furthermore, Argon2 is highly customizable: parameters such as memory usage, parallelism, and iterations let users tailor the algorithm's cost to their needs.

Salting

Salting passwords is a technique used to enhance the security of password hashing by adding a random, unique value, the salt, to each password before hashing it. The salt is then stored alongside the hash in the database. This process helps mitigate various types of attacks, such as rainbow table attacks and attacks that exploit duplicate passwords across multiple accounts or platforms.
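The following is an added example, not code from the original post, that puts the last two sections side by side: the unsalted raw-sha256 layout cracked in the Practical Example against a salted scrypt record (Python's standard-library hashlib.scrypt, with constructed cost parameters). Two users with the same password get the same raw-sha256 hash, so one cracked hash or one rainbow-table entry covers both, whereas per-password salts make the scrypt records distinct, and verification recomputes with the stored salt and compares in constant time.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed cost parameters for this example: N=2**14, r=8, p=1 needs
# 128*r*N = 16 MiB per hash, a common interactive-login setting.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1


def raw_sha256(password: str) -> str:
    """Unsalted SHA-256 hex digest, the 'raw-sha256' layout from the post."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def scrypt_hash(password: str, salt: Optional[bytes] = None) -> str:
    """Salted, memory-hard scrypt record stored as '<salt hex>$<hash hex>'."""
    if salt is None:
        salt = os.urandom(16)  # a fresh random salt for every password set
    digest = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return f"{salt.hex()}${digest.hex()}"


def scrypt_verify(password: str, stored: str) -> bool:
    """Recompute with the salt taken from the record; constant-time compare."""
    salt_hex, _digest_hex = stored.split("$", 1)
    candidate = scrypt_hash(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, stored)


def duplicates_collide(scheme, password: str) -> bool:
    """True if two accounts sharing a password produce identical records."""
    return scheme(password) == scheme(password)


if __name__ == "__main__":
    pw = "password"  # constructed sample password
    print("raw-sha256 duplicates collide:", duplicates_collide(raw_sha256, pw))
    print("scrypt duplicates collide:    ", duplicates_collide(scrypt_hash, pw))
    record = scrypt_hash(pw)
    print("verify right password:", scrypt_verify(pw, record))
    print("verify wrong password:", scrypt_verify("Password", record))
```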

Two-Factor Authentication

Two-factor authentication (2FA) works by adding an extra layer of verification beyond a username and password. It requires users to provide two different types of authentication to verify their identity before granting access. These factors typically fall into three categories: something you know, something you have, and something you are.

Password Manager

A password manager is a tool designed to help users generate, store, and manage complex passwords for their online accounts. It enhances security by addressing common password-related vulnerabilities such as reusing passwords, weak passwords, and storing passwords in unsecured locations.
Password managers typically have built-in functionality that can generate strong, random, complex passwords. These passwords help minimize the risk of brute-force attacks. An example of this password might be something like: u3HX&6#gGrGrSz@Ty$UAKSN. Since these passwords are typically hard to type and hard to remember, a password manager helps solve this problem by safely storing, and allowing the user to autofill or copy and paste their passwords. Instead of relying on memory, a password manager provides a centralized, organized, and secure location for storing all passwords.