Friday, 24 February 2012

using John The Ripper on password hashes

i've been playing around with some of the challenges on HackThisSite and decided i would write a post on using John The Ripper to reverse password hashes

i'm doing this in Ubuntu 11.10 (Oneiric Ocelot), it might work with other distros but then again it might not. you can use apt-get to install JTR on your Ubuntu system but i only want it on a temporary basis so i'm doing it from source.

first install ssl development libraries
sudo apt-get install libssl-dev
download JTR
cd Downloads  # or wherever you put yours
wget http://download.openwall.net/pub/projects/john/1.7.9/john-1.7.9-jumbo-5.tar.bz2
at the time of writing this is the latest version with all the additional patches applied to the source.
extract the archive, cd into the src directory within and compile (you can issue make with nothing else and it will list the different system types you can compile for, linux-x86-sse2i is a fairly safe bet for modern systems)
tar xvf john-1.7.9-jumbo-5.tar.bz2
cd john-1.7.9-jumbo-5/src
make clean linux-x86-sse2
put the hash to crack into a file somewhere easily accessible, like ~/
echo "dfaef9134f0c6e97ce4d46c58b6a6535" > ~/hash.moo
change to the run directory
cd ../run
now you can run JTR against the hash file (in this case it's MD4)
./john --format=raw-md4 ~/hash.moo
sit and wait for a bit...
