Places
- Home – http://www.openwall.com/john/
- Custom binary builds, by various users – http://openwall.info/wiki/john/custom-builds
Simple dictionary-based cracking
For Linux systems, the hashed passwords are contained in the /etc/shadow file. To use John the ripper, one needs both that file and /etc/passwd.
- Unshadowing:
./unshadow.exe passwd.txt shadow.txt > passwd-unshadowed.txt - To run John against the unshadowed password file passwdFile-unshadowed.txt using the predefined word-list mywords.lst, run
following:
./john.exe –wordlist=mywords.lst passwd-unshadowed.txt - To see the cracked passwords run:
./john.exe –show passwdFile-unshadowed.txt - and to save that file:
./john.exe –show passwdFile-unshadowed.txt > passwdFile-cracked.txt
Articles
- “Linux Password Cracking: Explain unshadow and john commands ( john the ripper tool )” by Vivek Gite (UnixCraft) – http://www.cyberciti.biz/faq/unix-linux-password-cracking-john-the-ripper/
- “Cracking OpenVMS passwords with John the Ripper” by Jean-loup Gailly – http://gailly.net/security/john-VMS-readme.html
- John the Ripper v1.3.6 source package patched to include OpenVMS SYSUAF.DAT files parsing – http://gailly.net/security/john-VMS-readme.html. It compiles well on Cygwin.
- So far, John does not work for SHA hashes. A patch allowing one to do this is presented at:
- “Re: “No password hashes loaded” on Ubuntu 9.04″ by Solar Designer (2009.09.02) – http://www.openwall.com/lists/john-users/2009/09/02/3
- “Crack Password with John the Ripper on Ubuntu 9.10” by Junjun Mao (2010.02.01) – http://pka.engr.ccny.cuny.edu/~jmao/node/26
This patch allows use of John against SSH type hashes, but requires running John on the same type of system (i.e. unix system that supports the same hashes in logon authentication module).
Related here: Default passwords, wordlist and Rainbow tables – https://eikonal.wordpress.com/2010/03/29/default-passwords/ | Passwords cracking – https://eikonal.wordpress.com/2010/01/06/password-crackers/
Eikonal Blog 
