In the previous post on John The Ripper we saw how to compile it for Linux and UNIX boxes. Now it's time to begin our password cracking journey with John The Ripper. As you already know, the main task of John The Ripper is cracking and auditing weak user accounts on UNIX and UNIX-like systems, so you will need the /etc/passwd, /etc/shadow and /etc/expired files from the UNIX or Linux box whose passwords you want to crack or audit.
If you have not locked any user shells you may not have an /etc/expired file, and if the system administrator has not enabled pwconv you will not find an /etc/shadow file either.
If your system has no /etc/shadow file (that is, pwconv is not enabled), just make a copy of /etc/passwd and use it as the input. Either of the following commands creates the copy:
[root@localhost~]#cp /etc/passwd ~/Desktop
copies the file to the desktop.
[root@localhost~]#cat /etc/passwd >~/Desktop/password.txt
copies the file to the desktop as password.txt.
Now put this file in the run folder of John The Ripper, open a terminal and change to the run directory inside the john folder. If the system administrator has enabled pwconv, you have to copy both /etc/passwd and /etc/shadow into the run directory. To merge the two into a single password file, use the unshadow utility that ships with John The Ripper:
[root@localhost run~]#./unshadow passwd shadow > password.txt
if you have copied the files from another system, or
[root@localhost run~]#./unshadow /etc/passwd /etc/shadow > password.txt
if you are auditing your own system.
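To make the unshadow step concrete, here is an added Python reimplementation of what the utility does (example code written for this post, not part of the original post or of John The Ripper itself); the user names and hash strings in the sample input are constructed, and the second function is an audit helper that shows which merged entries actually carry a hash John can work on.

```python
def unshadow(passwd_text: str, shadow_text: str) -> str:
    """Merge passwd and shadow records the way John's unshadow utility does:
    the password field of each passwd line ('x' once pwconv has been run) is
    replaced by the hash field of the shadow line with the same user name."""
    hashes = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            hashes[fields[0]] = fields[1]
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) < 7:
            continue  # skip blank or malformed passwd records
        if fields[0] in hashes:  # users with no shadow entry keep their field
            fields[1] = hashes[fields[0]]
        merged.append(":".join(fields))
    return "\n".join(merged) + "\n"


def crackable_users(unshadowed: str) -> list:
    """Users whose merged hash field holds an actual hash. Locked ('!...'),
    no-login ('*') and still-shadowed ('x') fields give John nothing to crack,
    so an audit should not count those accounts as tested."""
    users = []
    for line in unshadowed.splitlines():
        fields = line.split(":")
        if len(fields) < 2:
            continue
        h = fields[1]
        if h and h != "x" and h[0] not in "!*":
            users.append(fields[0])
    return users


# Constructed sample input: fake users and fake hash strings, not real data.
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "alice:x:1000:1000:Alice Example:/home/alice:/bin/bash\n"
    "daemon:x:2:2:daemon:/sbin:/sbin/nologin\n"
)
SAMPLE_SHADOW = (
    "root:$6$saltsalt$FAKEHASHFORDEMOONLY:19000:0:99999:7:::\n"
    "alice:$6$anothersalt$ALSOAFAKEHASHVALUE:19000:0:99999:7:::\n"
    "daemon:*:19000:0:99999:7:::\n"
)

if __name__ == "__main__":
    merged = unshadow(SAMPLE_PASSWD, SAMPLE_SHADOW)
    print(merged)
    print("accounts with a hash to audit:", crackable_users(merged))
```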
Now let's begin password cracking. The most basic, and most commonly used, command for cracking passwords with John The Ripper is:
[root@localhost run~]#./john password.txt
This first tries to crack the passwords in single crack mode, which targets very weak passwords. If that fails, which it usually does, John moves on to wordlist mode. The wordlist is located in the john folder under the name password.lst; it is John's default password list, and you can download more from http://www.openwall.com/john/. If a password is not in the list, John The Ripper will not be able to crack it. If this is the very first time you are cracking passwords with John The Ripper, I would advise intentionally putting the real password somewhere in password.lst so you can see the output. After a successful run John The Ripper saves the cracked passwords in the john.pot file. You can use either of the following commands to see them:
[root@localhost run~]#./john --show password.txt
[root@localhost run~]#cat john.pot
This shows the saved results for password.txt. Please note that to crack password.txt again you have to remove john.pot from that folder, otherwise it will give you an error. Now try it yourself; since this tutorial is aimed at complete beginners I have left the advanced options for next time. I hope I kept everything easy to follow; if you still have problems, feel free to ask.
Note: On Windows you do not need to type "./" before john or unshadow; it is used on Linux and UNIX to tell the shell to execute a file in the current directory.