Crack Password Using JohnTheRipper Tool. First, install John the Ripper in Kali by typing sudo apt-get install john in your terminal; if you are on another platform such as Windows, you can download it separately. Cracking ZIP/RAR Password With John The Ripper Kali Linux
CeWL tool:
CeWL is a Ruby-based tool that spiders a given URL to a specified depth, optionally following external links, and outputs a list of words that can be fed to password crackers such as John the Ripper. It runs from the command-line terminal and ships with a companion tool, FAB (Files Already Bagged), which uses the same raw-data extraction methods to build lists from files that have already been downloaded.
Crunch tool:
This password attack tool generates a wordlist from a standard or custom character set that you specify. It produces all possible password combinations very quickly and can split the results into multiple files by size for easier handling. It supports numbers, symbols, and both uppercase and lowercase letters, and prints a status report when writing multiple files.
Hashcat tool:
This is one of the most popular, fastest, and most capable password recovery tools. It supports 5 attack modes for more than 300 highly optimized hashing algorithms. It can run on CPUs, GPUs, and other hardware accelerators, and supports distributed password cracking. It offers numerous options and arguments to control a recovery session.
John the ripper toolkit:
“John the Ripper” is a fast and reliable toolkit that contains numerous cracking modes and is highly customizable and configurable to your requirements. By default, John can work with many hash types, including traditional DES, bigcrypt, FreeBSD MD5, Blowfish, BSDI extended DES, Kerberos, and MS Windows LM hashes. Other DES-based tripcodes are also supported but need to be configured. It can also work with SHA hashes and Sun MD5 hashes, and it supports OpenSSH private keys, PDF files, ZIP and RAR archives, and Kerberos TGTs.
It also ships with scripts for various purposes, such as unafs (warns about weak passwords), unshadow (combines passwd and shadow files), and unique (removes duplicates from a wordlist).
Medusa tool:
Medusa is a fast, reliable, and modular login brute-forcer. It supports many services that allow remote authentication, thread-based parallel testing, and flexible user input, and its modular design lets each brute-force service be maintained as an independent module. Supported protocols include SMB, HTTP, POP3, MSSQL, SSH version 2, and many more.
Ncrack tool:
Ncrack is a very fast network authentication cracking tool that helps organizations secure their networks against password attacks by finding weak passwords on their hosts and network devices. It is built on an architecture similar to Nmap, with a dynamic engine that adapts to network feedback, and provides fast, reliable auditing of multiple hosts. It is easy to use and offers sophisticated brute-force attacks, timing templates, and a flexible interface for complete control of the network process. It supports many protocols, including SSH, FTP, HTTPS, TELNET, IMAP, SIP, SMB, PostgreSQL, MS-SQL, MySQL, MongoDB, and more.
Ophcrack tool:
Ophcrack is an open-source Windows password cracking tool. It is based on rainbow tables and is very efficient. It has both a graphical user interface and a command-line interface and runs on multiple platforms. It offers an audit mode, a brute-force mode, a debugging mode, and hash loading.
Wordlists utility:
The wordlists package is a password attack resource that includes a wordlist and symlinks to several other password files shipped with the Kali Linux distro. The package is pre-installed in Kali Linux 2020.1 and, being open source, can also be downloaded separately.
Hydra tool:
This password attack tool is a parallelized login cracker that supports several attack protocols. It is highly flexible, quick, reliable, and easy to extend with new modules. It can demonstrate how unauthorized remote access to a system can be obtained, which is why it is important to security professionals auditing their own systems. It works with Cisco AAA, Cisco authorization, FTP, HTTPS GET/POST/PROXY, IMAP, MySQL, MSSQL, Oracle, PostgreSQL, SIP, POP3, SMTP, SSHkey, SSH, and many more.
Mimikatz tool:
Mimikatz is a C-language tool that works with Windows security. It extracts passwords, PINs, hashes, and Kerberos tickets from host memory and saves them to a plain-text file. It supports three techniques: pass-the-ticket, pass-the-hash, and building Golden Tickets. It is open source and comes pre-installed in the Kali Linux 2020.1 update.
Chntpw:
This tool helps view information and change passwords in Windows NT/2000-based SAM database files. Rather than cracking passwords, it overwrites the old ones. It includes a simple registry editor that can edit entries in the Windows database file. It can also be used as an offline password recovery utility by adding it to a custom boot disk image.
THC-pptp-bruter tool:
This brute-forcer works against PPTP VPN endpoints, which listen on TCP port 1723. It is a standalone package that supports MSChapV2 authentication and has been tested against Cisco gateways and Windows servers. It tries 300 passwords per second by exploiting a weakness in Microsoft's anti-brute-force implementation.
Rsmangler tool:
This tool takes a wordlist and applies various transformations to it, much like John the Ripper's rules. Given an input list of words, it generates all of the transformations and acronyms of those words and then applies the remaining mangles to the results.
Conclusion:
All of these password attack tools are open source and can be downloaded from the Kali repository or from GitHub.
After seeing how to compile John the Ripper to use all of your computer's processors, we can now use it for a task that may be useful to digital forensic investigators: getting past passwords. Today we will focus on cracking passwords for ZIP and RAR archive files. Luckily, the JtR community has done most of the hard work for us. For this to work you need to have built the community version of John the Ripper, since it has the extra utilities for ZIP and RAR files. For this exercise I have created a password-protected RAR file and a password-protected ZIP file, each containing two files.
The password for the rar file is 'test1234' and the password for the zip file is 'test4321'.
In the 'run' folder of John the Ripper community version (I am using John-1.7.9-jumbo-7), there are two programs called 'zip2john' and 'rar2john'. Run them against their respective file types to extract the password hashes:
This will give you files that contain the password hashes to be cracked... something like this:
After that, you can run John the Ripper directly on the password hash files:
You should get a message like:
Loaded 1 password hash (PKZIP [32/64]). When John is run with no options it uses its default order of cracking modes; see the examples page for more information on modes.
Notice that in this case we are not using explicit dictionaries. You could potentially speed up the cracking process if you have an idea what the password may be. If you look at your processor usage and only one core is maxed out, then you did not enable OpenMP when building; on a multi-processor system OpenMP greatly speeds up cracking. Now sit back and wait for the cracking to finish. On a 64-bit quad-core i7 system, without using a GPU, and while doing some other CPU-intensive tasks, the password was cracked in 6.5 hours.
Now, if you want to see the cracked passwords, give john the following arguments: It should output something like:
Note: each hash file should contain only one type of hash. For example, we cannot put the RAR and ZIP hashes in the same file. But this does mean you can crack more than one ZIP file (or more than one RAR file) at a time.
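A pre-flight check for the note above, written as an added example rather than code from the original post: it reads john-style "name:hash:..." lines, groups them by the format tag at the start of the hash field, and reports whether a file mixes formats so it can be split before loading. The tag names are the ones zip2john and rar2john emit in the jumbo version; the sample lines are constructed placeholders, not real tool output.

```python
import re
from collections import defaultdict

# Format tags that zip2john / rar2john (John the Ripper jumbo) put at the
# start of each hash field.  The tags are real; the sample lines below are
# constructed placeholders, not output captured from the tools.
KNOWN_TAGS = {
    "$pkzip2$": "PKZIP (legacy ZIP encryption)",
    "$zip2$": "WinZip AES",
    "$RAR3$": "RAR3",
    "$rar5$": "RAR5",
}

TAG_RE = re.compile(r"\$[A-Za-z0-9]+\$")


def hash_format(line):
    """Return the format tag of one 'name:hash:...' line, or None if unrecognised."""
    parts = line.rstrip("\n").split(":")
    if len(parts) < 2:
        return None
    m = TAG_RE.match(parts[1])
    return m.group(0) if m else None


def group_by_format(lines):
    """Map each format tag to its hash lines; unrecognised lines are keyed under None."""
    groups = defaultdict(list)
    for line in lines:
        if line.strip():
            groups[hash_format(line)].append(line.rstrip("\n"))
    return dict(groups)


def is_single_format(lines):
    """True when every non-empty line carries the same tag, as john expects per file."""
    return len(group_by_format(lines)) == 1


# Constructed sample of a mixed file: zip2john and rar2john output appended together.
SAMPLE = [
    "test.zip:$pkzip2$1*1*2*0*PLACEHOLDER*$/pkzip2$:::::test.zip",
    "test.rar:$RAR3$*0*PLACEHOLDER*PLACEHOLDER:0::::test.rar",
    "other.zip:$pkzip2$1*1*2*0*PLACEHOLDER*$/pkzip2$:::::other.zip",
]

if __name__ == "__main__":
    for tag, entries in group_by_format(SAMPLE).items():
        print(f"{tag} ({KNOWN_TAGS.get(tag, 'unknown')}): {len(entries)} hash(es)")
    print("single format:", is_single_format(SAMPLE))
```

Write each group of group_by_format to its own file and run john on those files separately.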