:[ Offline ]:

welcome, please log-in:

 Remember Me  ?
About: Remember Me
Ticking this box will make the site remember you for 24 hours. However, each time you visit the site this time is renewed, so if you are a regular visitor you will stay logged in.

Register An Account
Forgot Password?

:[ Forums ]:
Latest Post In:
New Members
:[ Like ]:
:[ Alexa ]:
:[ Tutorials ]:

How to use John The Ripper

JTR is a very useful and fast password cracking program. It is the favourite among hackers for cracking .htpasswd (DES) encrypted passwords and now can handle other encryptions such as LM and MD5. This is a very useful tool to have and is completely free too. This quick tutorial just shows you how to install and run it in standard mode.

Starting JTR:

This assumes that you are using Windows XP, however it is available for mac and linux operating systems. You can use terminal and the commands are usually the same:

First of all download it

here and extract it to your C drive (C:\john1701) If you are using a newer version since the article has been written, just change the commands below to fit the new version name.

Click start → run → and type cmd you should now have a black window on your screen. Keep typing:

cd ..

To go back directories until you are at your C drive. Then type:

cd john1701\run

And you should be in the folder containing JTR. Test this by typing:


You will now be greeted with the JTR welcome screen which will look similar to this:

John The Ripper

Ok, time to test it out. Get your encrypted file (if you don't have one, use this example: thisislegal:cGPV5pzv1OdLQ ) and create a new file in the run folder called pass.txt and copy and paste your password string into the text file. Now, to run JTR in default mode all you have to do is type:

john-mmx pass.txt

And it should begin cracking the hash. You can hold space or any other key down to check its progress. Passwords 1-5 characters in length can be cracked in seconds. 6-7 can take around an hour depending on the password and longer than 7 can take a few days to crack. This tutorial is only going to cover cracking password in the default mode. Another good option though is the -wordlist option which allows you to try cracking the password using a wordlist. Just type john-mmx in cmd again and look at all the available options.

When cracked, the password will be displayed on screen and john will exit. This screenshot below shows when JTR cracks the example password above:

John The Ripper 2

And that concludes this short tutorial. JTR is a very easy to use program once you know how.

Was this tutorial helpful? please rate:

You Must Login To Vote

Previous Tutorial  |  Next Tutorial

Tutorial By t0mmy9



I cant get the john-mmx pass.txt to work, any advice please?


dos it run on win7?

This was a very quick tutorial i made for a request. Hope you can use it now

mathChall   SecurityOverride   DareYourMind   Valid XHTML 1.0 Transitional
Home | Challenges | Forums | Contact | About (Disclaimer)
Copyright © 2007-14, All Rights Reserved.

:[ ShoutBox ]:
Guest - Login to post comments

Is challenge Bonus 11 still working?The admin is still working?
Can anyone help with challenge 4?
Oh, I was thinking about challenge 5. I should've looked at his account first.
Maudib11: the challenge Bonus 11 is not functioning as it should. 1) There is no hidden code for this challenge. You are provided with a code linked to your own account to send to the provided email account. 2) You have never even completed the challenge. 3) I can complete this challenge for anyone (using mu ISP's own SMTP server) if the challenge was still functional.
I've just checked it and the challenge seems to be working perfectly. I don't want to give too much spoilers here, but as always view the source code, as there can sometimes be some hidden vulnerabilities in there that can help you. If you need more help, please send me a PM.
Pages: 1, 2...626
0.312 sec