Convert to Hashes with John

John the Ripper: Libraries and Utilities for Cracking Different Hash Types

Introduction

John the Ripper (John) is a powerful and versatile password-cracking tool that supports a wide range of hash types and password protection schemes. John the Ripper includes various specialized utilities and libraries that are designed to handle different formats, such as SSH keys, KeePass databases, and even Windows BitLocker encryption. This tutorial will cover some of the key utilities and libraries included with John the Ripper, explaining how to use them to crack password hashes for different systems and services.

1. ssh2john - Cracking SSH Keys

One of the unique features of John the Ripper is its ability to crack SSH private keys. The ssh2john utility extracts the hash from an SSH private key so that it can be cracked by John the Ripper.

How to Use ssh2john

To use ssh2john, run the following command to extract the hash from the private key file:

ssh2john /path/to/ssh/private/key > ssh_hash.txt

For example, if your SSH private key is located at ~/.ssh/id_rsa, you would run:

ssh2john ~/.ssh/id_rsa > ssh_hash.txt

Once the hash is extracted, you can use John to crack the key:

john ssh_hash.txt

John will attempt to crack the SSH private key password using a variety of cracking methods (e.g., dictionary attack, brute force).

Example:

ssh2john ~/.ssh/id_rsa > ssh_hash.txt
john ssh_hash.txt

2. keepass2john - Cracking KeePass Password Databases

John the Ripper also supports cracking passwords stored in KeePass password databases. The keepass2john utility extracts the password hash from KeePass 1.x and 2.x database files so that John can attempt to crack them.

How to Use keepass2john

To extract the hash from a KeePass database, run the following command:

keepass2john /path/to/database.kdbx > keepass_hash.txt

For example, if your KeePass database file is named passwords.kdbx, you would run:

keepass2john passwords.kdbx > keepass_hash.txt

Once the hash is extracted, use John to crack it:

john keepass_hash.txt

Example:

keepass2john passwords.kdbx > keepass_hash.txt
john keepass_hash.txt

3. bitlocker2john - Cracking Windows BitLocker Encryption

Windows BitLocker is a disk encryption feature that uses a variety of methods to secure data. bitlocker2john is a tool that allows John the Ripper to crack BitLocker encrypted drives by extracting and cracking the recovery key.

How to Use bitlocker2john

To extract the BitLocker key hash, you need to use bitlocker2john on the BitLocker recovery key or related files. The basic command is:

bitlocker2john /path/to/bitlocker.recovery.key > bitlocker_hash.txt

Once the hash is extracted, use John to crack it:

john bitlocker_hash.txt

Example:

bitlocker2john /path/to/bitlocker.recovery.key > bitlocker_hash.txt
john bitlocker_hash.txt

4. ansible2john - Cracking Ansible Vault Passwords

Ansible Vault is used for encrypting sensitive data such as passwords and private keys in Ansible playbooks. The ansible2john utility allows you to extract and crack the password used to encrypt an Ansible Vault file.

How to Use ansible2john

To extract the encrypted hash from an Ansible Vault file, run the following command:

ansible2john /path/to/ansible/vault/file > ansible_hash.txt

For example, if your Ansible Vault file is secrets.yml, you would run:

ansible2john secrets.yml > ansible_hash.txt

Once the hash is extracted, you can use John to crack it:

john ansible_hash.txt

Example:

ansible2john secrets.yml > ansible_hash.txt
john ansible_hash.txt

5. office2john - Cracking Microsoft Office Passwords

John the Ripper also supports cracking passwords for encrypted Microsoft Office documents, such as Word, Excel, and PowerPoint files. The office2john utility can extract the hash from Office documents for later cracking.

How to Use office2john

To extract the hash from an Office file, use the following command:

office2john /path/to/file.docx > office_hash.txt

For example, if you have a protected Word document called report.docx, you would run:

office2john report.docx > office_hash.txt

Once the hash is extracted, use John to crack it:

john office_hash.txt

Example:

office2john report.docx > office_hash.txt
john office_hash.txt

6. zip2john - Cracking Password-Protected Zip Files

John the Ripper can also crack password-protected ZIP archives using the zip2john utility. It extracts the hash from the ZIP file, which can then be cracked by John.

How to Use zip2john

To extract the hash from a password-protected ZIP file, use the following command:

zip2john /path/to/file.zip > zip_hash.txt

Once the hash is extracted, use John to crack it:

john zip_hash.txt

Example:

zip2john archive.zip > zip_hash.txt
john zip_hash.txt

7. Other Hash Cracking Utilities in John the Ripper

In addition to the utilities mentioned above, John the Ripper supports cracking a wide range of other hash types. Some of these include:

  • LM and NTLM Hashes: For cracking Windows password hashes.

  • MD5 and SHA Hashes: For cracking a variety of cryptographic hash types, including common web application hash formats.

  • LM/NTLM Hashes from Samba: For cracking passwords used by Samba services.

These tools and utilities are part of John the Ripper’s robust feature set, making it a highly versatile tool for security professionals, penetration testers, and ethical hackers.

Conclusion

John the Ripper includes a wide array of utilities that extend its capabilities to crack passwords from many different types of encryption and password storage formats. Whether you're cracking SSH private keys, encrypted Microsoft Office documents, or even BitLocker disks, John provides specialized tools like ssh2john, keepass2john, and bitlocker2john to facilitate the process.
