Johntheripper

How to Hack PDF, ZIP, WINDOWS and Linux user Password using John the Ripper Tool

Hack PDF and ZIP || WINDOWS and Linux user Password using John the Ripper Tool – Notice: the word hack used only mean Ethical hacking

About John the Ripper

John the Ripper is a free password cracking software tool. It only developed for Unix Operating System but now it runs on 15 different platforms. Which is 11 of them are Unix, DOS, Windows 7 to newer version, BeOS and openVMS. Under License GNU General Public License. That’s Why – Hack PDF and ZIP || WINDOWS and Linux user Password using John the Ripper

It used mostly for password testing and breaking software. As it combines many number, letters and symbols as password cracker in one package and it also contain a customizable password cracker and which make this more efficient to crack. It also have ability to crack MD4-based password hashes and passwords stored in LDAP, MySQL and some others. This tool often used in the enterprises to detect weak password.

Pro version of John the Ripper tool provide support for windows NTLM(MD4-based) and MacOS X 10.4 + salted SHA-1 hashes.

 

Source : Wikipidia and Respritory : github.com

Simple output from Debian Environment :

# cat pass.txt
user:AZl.zWwxIh15Q
# john -w:password.lst pass.txt
Loaded 1 password hash (Traditional DES [24/32 4K])
example         (user)
guesses: 1  time: 0:00:00:00 100%  c/s: 752  trying: 12345 - pookie

How to Install John in Kali Linux and Windows

Usually john pre-installed in Kali Linux but about windows it not comes with pre-install so download link from softpeadia and openwall.com

Install John the Ripper in Kali Linux

  • Open your terminal
  • Enter command

sudo apt-get install john

It will install, it requires internet connection.

Installing in Windows

Download the tool from Softpedia or openwall.com or any official website.

  • Download Zip
  • Extract that Zip
  • Then go to folder run
  • Click on john.exe

Unable to find? Recommendation : How to Install John the Ripper on Windows. This post will help you, How to fully install John the Ripper tool, which you use it from every where.

How To?

It’s common that all password which give assess after entering password without connecting to internet. Means that anything that give asses at offline, thus it’s sure passwords are saved in any one of the files which is saved in a directory or any encrypt file. Usually all password is save in directory but that files is encrypted with MD5 or SHA1 or any other type of hashes for example – windows passwords are saved in SAM and SYSTEM but in Linux it doesn’t need to know which type of hashes is used, zip password are in zip type of hashes and more we will discuss about it . So we are required to know where is the passwords of Linux user are saved nd windows. In which directory?

Example Number #1 – Hacking Linux User Password using Kali Linux

By Default Linux users passwords is saved in this /etc/shadow/ directory.

Follow this Steps to Crack (Example) :

  • Open Your Terminal
  • Enter command –

john /etc/shadow/

Note : – Password you are cracking is for one time because all password cracked by john is save in a file and If you want you can see it again by command :

john --show /etc/shadow/

Example Number #2 – Decryption of MD5 hashes

Requirements :

  • Words which is encrypted in MD5 hashes.
  • You can also generate MD5 hashes many website will be present if you search on search engine.
  • That words should in file i.e, ethicalsource-md5.txt

Let’s string would be 123456 after generating hash of this string in MD5 it looks like this : e10adc3949ba59abbe56e057f20f883e. So, I will create sourcethical.txt file in which this hash will be there e10adc3949ba59abbe56e057f20f883e. Hashes generated by : md5hashgenerator

Steps :

  • Open your terminal
  • Enter command :

john --format=raw-MD5 {filename.txt}

  • It will take some time to crack it password but it will take less time if your PC is faster
MD5 Hashes has been Cracked

Example Number #3 – Cracking ZIP/RAR File Password

Requirements :

  • You must have password protected zip file
  • zip2john file (comes with john the ripper tool)

Have read the “How To” paragraph if yes the it okey but if not then go and read it which is that – at up!. because you will get idea how i will do this. But if you have already read then you have an idea how i will crack zip password. As you know that zip also store it’s password in any encrypted file. So we have to take out that encrypted file from zip to john in a txt file.

Follow the Steps :

  • Open your terminal
  • Enter Command

zip2zohn [zipfilename.zip]>[outputfilename.txt]

Here zipfilename is Password protect Zip File and outputfilename.txt is a file where we save out hashes of zip.

So For example, Follow Steps :

  • Create password protected zip file
    • right click on any file which you want to put in password protected zip file.
    • Click on Add to Archive
    • under archive format click on ZIP
    • On the upside of ok and cancel button click on “set the password”
    • After entering password press ok
    • Then again press enter (my file name is example.zip)
    • If that file is large then it will take some time
  • Enter command

zip2john example.zip>outputfileName.txt

  • encrypt password will be in outputfilename.txt you can view this file
  • And then we have to use that hash to crack password.
  • Enter command

john --format=zip outputfilename.txt

After sometime it will crack but but and but it take longer time if password is hard or strong.

Want to test with RAR file? replace zip with rar

  • And then enter command(this for drive away hashes from rar)

rar2john example.rar>outputfilename.txt

All are same process but replace zip to rar.

  • Enter command (cracking password from outputfilename.txt)

zip2john --format=rar outputfilename.txt

Example Number #3 – Cracking Windows Password

Have you read that “How To” paragraph because someone directly come at here but if yes then you have get idea it also have same but different. If not then read it out.

So let’s Start. Usually Windows stored password in directory C://windows/system32/config. If you open that directory you will find that there is many files but we only need two of them as our requirements.

WARNING : DON’T CUT or DELETE ANY FILES from there if you have taken administrative permission.

After this we need two copy SAM and SYSTEM files but it’s possible with only administrative permission but I will tell you a short way to copy. For administrative permission i will use “command prompt(Adminstrative)” to copy.

So for this follow steps

  • firstly open your cortana (right side of start menu) or search
  • type and search cmd you will see command prompt

  • then right click on command prompt
  • then click on “run as administrative”
  • Go to that directory where you want to copy, i will copy it on Desktop
  • for this enter command

cd C:users%username%Desktop

  • Now we have to copy that file
  • Enter command for copy SAM file

reg save hklmSYSTEM SYSTEM

  • Enter command for copy SYSTEM file

reg save hklmSAM SAM

Here you know that what is reg command if you have see it. if not then it’s registry setting of your computer.

Follow steps to hack password

  • Now Come back to your terminal which is in that direcort where you have save that files so i am in Desktop Directory
  • Enter Command

samdump2 SYSTEM SAM>outputfilename.txt

Finally we have to take out password from that hashes

  • Enter command

john --format=LM --user=[USERNAME] outputfile.txt

  • Here username will be that username you want hack password
  • Hit Enter

All Done take some time to complete

Doubt?

Got some errors or have question/queries ask in comment.

1 thought on “How to Hack PDF, ZIP, WINDOWS and Linux user Password using John the Ripper Tool”

  1. crypto sports betting

    Link exchange is nothing else but it is just placing the
    other person’s blog link on your page at appropriate place
    and other person will also do same in favor of you.

Leave a Comment

Your email address will not be published.