
[Hash] john

A tool for cracking hashed passwords by brute force.

Basic usage

Create a file called hash in the current directory.
Then put the hashes that we want to crack into it, one per line.

5f4dcc3b5aa765d61d8327deb882cf99
e99a18c428cb38d5f260853678922e03

Note: You may want to use hash-identifier to find out the hash format first.

Finally, use one of the following commands to crack the hashes.

  • With raw-md5 / md5
john --wordlist=/usr/share/john/password.lst --format=raw-md5 ./hash
  • With raw-sha1
john --wordlist=/usr/share/wordlists/rockyou.txt --format=raw-sha1 ./hash
  • With whirlpool
john --wordlist=/usr/share/wordlists/rockyou.txt --format=whirlpool ./hash

https://bcrypt-generator.com/

  • With bcrypt
john --wordlist=/usr/share/wordlists/rockyou.txt --format=bcrypt ./hash

Available formats

john --list=formats | grep -i 'md5'
descrypt, bsdicrypt, md5crypt, md5crypt-long, bcrypt, scrypt, LM, AFS, 
aix-ssha512, andOTP, ansible, argon2, as400-des, as400-ssha1, asa-md5, 
dahua, dashlane, diskcryptor, Django, django-scrypt, dmd5, dmg, dominosec, 
mschapv2-naive, krb5pa-md5, mssql, mssql05, mssql12, multibit, mysqlna, 
mysql-sha1, mysql, net-ah, nethalflm, netlm, netlmv2, net-md5, netntlmv2, 
netntlm, netntlm-naive, net-sha1, nk, notes, md5ns, nsec3, NT, o10glogon, 
PBKDF2-HMAC-MD4, PBKDF2-HMAC-MD5, PBKDF2-HMAC-SHA1, PBKDF2-HMAC-SHA256, 
PHPS2, pix-md5, PKZIP, po, postgres, PST, PuTTY, pwsafe, qnx, RACF, 
Raw-Keccak, Raw-Keccak-256, Raw-MD4, Raw-MD5, Raw-MD5u, Raw-SHA1, 
Stribog-256, Stribog-512, STRIP, SunMD5, SybaseASE, Sybase-PROP, tacacs-plus, 
tcp-md5, telegram, tezos, Tiger, tc_aes_xts, tc_ripemd160, tc_ripemd160boot, 
ZipMonster, plaintext, has-160, HMAC-MD5, HMAC-SHA1, HMAC-SHA224

unshadow and crack Linux passwords

  • FILE 1 - local_passwd
    Contains the /etc/passwd line for the root user:
    root:x:0:0::/root:/bin/bash

  • FILE 2 - local_shadow
    Contains the /etc/shadow line for the root user:
    root:$6$2nwjN454g.dv4HN/$m9Z/r2xVfweYVkrr.v5Ft8Ws3/YYksfNwq96UL1FX0OJjY1L6l.DS3KEVsZ9rOVLB/ldTeEL/OIhJZ4GMFMGA0:18576::::::

unshadow local_passwd local_shadow > unshadowed.txt

Then feed the file to john to crack the password.

john --wordlist=/usr/share/wordlists/rockyou.txt --format=sha512crypt unshadowed.txt
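
The merge that unshadow performs, and why a `$6$` entry pairs with `--format=sha512crypt`, shown as an added example (not part of the original notes and not john's own code). The `legacy` and `daemon` accounts, the placeholder hash bodies and the function names are constructed for illustration; the output also shows which accounts still use an older scheme and which have no usable hash.

```python
# Added example: mimics the merge that `unshadow` performs and names the crypt scheme.
# All sample lines are constructed; the hash bodies are placeholders, not real hashes.

# crypt(3) "$id$" prefixes mapped to the matching john --format names.
CRYPT_IDS = {"1": "md5crypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
             "5": "sha256crypt", "6": "sha512crypt"}

PASSWD = """root:x:0:0::/root:/bin/bash
legacy:x:1001:1001::/home/legacy:/bin/sh
daemon:x:1:1::/usr/sbin:/usr/sbin/nologin"""

SHADOW = """root:$6$EXAMPLESALT$EXAMPLEHASH:18576::::::
legacy:$1$EXAMPLESALT$EXAMPLEHASH:18000::::::
daemon:*:18576::::::"""


def unshadow(passwd_text, shadow_text):
    """Return passwd lines with field 2 replaced by the shadow password field."""
    shadow = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            shadow[fields[0]] = fields[1]
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2 and fields[0] in shadow:
            fields[1] = shadow[fields[0]]
        merged.append(":".join(fields))
    return merged


def crypt_scheme(field):
    """Name the scheme of one password field; None means nothing to test."""
    if field in ("", "x") or field[0] in "!*":
        return None  # empty, still shadowed, or locked account
    if field.startswith("$"):
        return CRYPT_IDS.get(field.split("$")[1], "unknown")
    return "descrypt" if len(field) == 13 else "unknown"


def audit(passwd_text, shadow_text):
    """Map each user to the scheme of its merged password field."""
    return {line.split(":")[0]: crypt_scheme(line.split(":")[1])
            for line in unshadow(passwd_text, shadow_text)}


if __name__ == "__main__":
    for user, scheme in audit(PASSWD, SHADOW).items():
        print(f"{user}: {scheme or 'no usable hash'}")
```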

single crack mode

In single crack mode, john builds its wordlist from the account data, so you need to change the format of the file you feed it: put the username in front of each hash.

From:
1efee03cdcb96d90ad48ccc7b8666033
To:
mike:1efee03cdcb96d90ad48ccc7b8666033

john --single --format=raw-sha256 hash7.txt

Crack password-protected zip / rar / ssh key

  • zip
zip2john zipfile.zip > zip_hash.txt
  • rar
rar2john rarfile.rar > rar_hash.txt
  • ssh
ssh2john id_rsa > id_rsa_hash.txt

Then use john to crack it, changing the filename to the matching hash file.

john --wordlist=/usr/share/wordlists/rockyou.txt zip_hash.txt