
John the Ripper: Get to know the most popular tool in ethical hacking

You've probably heard of John the Ripper (JtR), one of the most popular ethical hacking tools, which combines many different password-cracking programs and uses techniques such as brute-force and dictionary attacks.


A brute-force attack is the exhaustive testing of possible keys until the one that reveals the original message is found. A dictionary attack attempts to test "every word in the dictionary" as a possible password for an encrypted message. These attacks usually use one or more dictionaries containing the passwords most often chosen by users, as well as many ordinary dictionary words. A dictionary attack is generally more effective than a brute-force attack because users choose weak passwords.

JtR supports several different encryption technologies on Unix (and therefore Mac) and Windows. It detects the hash function type and compares the hashed data against a huge plain-text file that contains popular passwords. JtR hashes these passwords and stops the process when there is a match.

This ethical hacking tool contains its own lists of well-known passwords in over 20 different languages. These lists provide JtR with thousands of different passwords / values for which it can generate the corresponding hash value and, as a result, find the victim's password. Because most people use easy-to-remember passwords, the techniques used by JtR are quite effective.


Why use it?

As we have already mentioned, John the Ripper is a password cracker that can help identify weak passwords and weak password policies.

The different technologies that it is capable of detecting are:


  • UNIX crypt(3)
  • DES-based
  • "Bigcrypt"
  • BSDI extended DES-based
  • MD5-based FreeBSD (Linux and Cisco IOS)
  • OpenBSD Blowfish-based
  • Kerberos / AFS
  • Windows LM (DES-based)
  • DES-based tripcodes
  • SHA-crypt hashes (newer Fedora and Ubuntu versions)
  • SHA-crypt and SUNMD5 hashes (Solaris)


Other technologies can be added to the list above, since JtR is open source and contributors can write support extensions.


How to download John the Ripper

The tool is open source, so you can download and compile the code yourself, download the executable binaries, or find it preinstalled in a penetration testing package.

The official website of John the Ripper is hosted at Openwall. From there you can download the source code and binaries, and you can contribute to the project through GitHub.



$ cd ~/src
$ git clone https://github.com/magnumripper/JohnTheRipper -b bleeding-jumbo john
$ cd ~/src/john/src
$ ./configure && make -s clean && make -sj4



Windows users can find the complete documentation, with the corresponding installation instructions, on the John the Ripper wiki page.

Finally, you can find it pre-installed in Kali Linux, the well-known operating system distribution for penetration testing, as part of its metapackages for password cracking.


How to use it

Below you will find basic commands that will help you become more familiar with JtR. For starters, what you need is a file containing a hashed value to crack.

If you want to check all available tool commands, you can run the following:


.\john.exe

JtR can work in 3 different modes:

  • Single crack mode
  • Wordlist mode
  • Incremental


The first is the quickest option if you have the entire file to crack. Wordlist mode compares the encrypted / hashed value with a list of possible password matches. Incremental mode is the most powerful of the 3 modes, since it tests all possible combinations in order to find the right password (brute force).

The following command tells JtR to run in single crack mode, then in wordlist mode by comparing the hashed file with default wordlists containing possible passwords, and then in incremental mode.


.\john.exe passwordfile


You can download different wordlists from the Internet or create your own. Use your own lists with JtR by running the following command:

.\john.exe passwordfile -wordlist="wordlist.txt"


Select the desired mode with the corresponding parameter:

.\john.exe --single passwordfile

.\john.exe --incremental passwordfile


To see the list of decrypted passwords, use the -show parameter:

.\john.exe -show passwordfile


If the list of "broken" passwords is large, you can use the corresponding parameters to filter it. For example, to check the root user's password, use the -users parameter:

.\john.exe --show --users=0 passwordfile
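
As an added example (not part of the original article or of the JtR project), the Python script below parses --show output into an audit summary that lists the cracked accounts, flags uid 0, and reports only password lengths instead of the recovered passwords. It assumes the audited file was in seven-field passwd format; the sample output, the account names and the function names are constructed for this illustration.

```python
import re

# Constructed sample of `john --show passwordfile` output for a passwd-format
# file; every account and password here is made up for the example.
SAMPLE_SHOW_OUTPUT = """\
root:toor:0:0:root:/root:/bin/bash
alice:summer:2019:1001:1001:Alice:/home/alice:/bin/bash
svc_backup:backup1:998:998::/var/backup:/usr/sbin/nologin

3 password hashes cracked, 2 left
"""

SUMMARY_RE = re.compile(r"^(\d+) password hash(?:es)? cracked, (\d+) left$")

def parse_show_output(text):
    """Return (accounts, cracked, left); plaintext passwords are not kept."""
    accounts, cracked, left = [], None, None
    for line in text.splitlines():
        match = SUMMARY_RE.match(line.strip())
        if match:
            cracked, left = int(match.group(1)), int(match.group(2))
            continue
        if ":" not in line:
            continue
        user, rest = line.split(":", 1)
        # A cracked password may itself contain ':', so take the five
        # trailing passwd fields (uid, gid, GECOS, home, shell) from the right.
        fields = rest.rsplit(":", 5)
        if len(fields) != 6:
            continue  # not a seven-field passwd-style line
        password, uid = fields[0], fields[1]
        accounts.append({"user": user, "uid": uid, "pw_len": len(password)})
    return accounts, cracked, left

def audit_report(text):
    """Summarise cracked accounts, uid 0 first, without echoing passwords."""
    accounts, cracked, left = parse_show_output(text)
    if cracked is None:
        raise ValueError("summary line missing: output truncated or not --show")
    total = cracked + left
    pct = 100 * cracked // total if total else 0
    report = [f"{cracked}/{total} hashes cracked ({pct}%)"]
    for acct in sorted(accounts, key=lambda a: a["uid"] != "0"):
        tag = "PRIVILEGED " if acct["uid"] == "0" else ""
        report.append(f"{tag}{acct['user']} (uid {acct['uid']}): length {acct['pw_len']}")
    return report

if __name__ == "__main__":
    print("\n".join(audit_report(SAMPLE_SHOW_OUTPUT)))
```

The share of cracked hashes and the list of affected accounts are the figures to track between audits after a password policy change.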


How did John the Ripper look to you? We look forward to your comments on one of the most popular tools in ethical hacking ...





