mugennn
E-Product Creator
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1
400 XP
Hey Folks, in this tutorial we are going to talk about a tool to recover the password of a compressed zip file called “John the Ripper“. John the Ripper is a free password cracking software tool. Originally developed for the Unix operating system, it can run on fifteen different platforms. John the Ripper is a fast password cracker, currently available for many distributions of Unix, macOS, Windows, DOS, BeOS, and OpenVMS (the latter requires a contributed patch). Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos/AFS and Windows LM hashes, as well as DES-based tripcodes, plus hundreds of additional hashes and ciphers in “-jumbo” versions.
Let’s take a look
!!Install Dependencies
We know that the tool comes pre-installed in kali linux operating but we have to install all dependencies to boot any tool that’s why we have given all the commands with the help of which you can install all dependencies as well as tools.
apt install zip
apt install unzip
apt install john123apt install zipapt install unzipapt install john
John
We can use the “John the Ripper” tool simply by entering “john” on our terminal.
john1john
Zip2John
We can also use this tool by entering the following command on the terminal.
zip2john1zip2john
Create Password Protected ZIP File
To demonstrate the use of both of those tools we will create a password protected zip file using the following command. As you can see the file has been protected and we cannot see the contents of the file.
Usage
!! zip –password < your password > < give zip file name > < files that you want compressed >zip --password shubham@# crack2.zip file1.txt file.txt rep.txt
unzip crack2.zip12zip--password shubham@# crack2.zip file1.txt file.txt rep.txtunzip crack2.zip
Getting Hash of ZIP File
Suppose what you will do if you have a zip file and have forgotten the password that you set during file creation ? Now our first step will be to get a hashes of the zip file using the zip2john tool. Just give us the location of the password protected zip file and the location where we want to save the hash. After getting the hash you can open them using the cat command.
Usage
!! zip2john < password protected ZIP file > > < name with location where we want to save >zip2john crack2.zip > zip.hashes
cat zip.hashes12zip2john crack2.zip>zip.hashescat zip.hashes
Crack Password with John
Now our work has become very easy as you can see that just we need to give the location of the saved hash and it will try its own dictionary to crack the password of the zip file through the hash. After trying several combinations it has found a valid password to unzip the compressed file.
Usage
!! john < saved hashes >john zip.hashes1john zip.hashes
Custom Wordlist
Some times it is not able to find a valid password, so in that case you can create your own wordlist and crack the password of any zip file.
Usage
!! john –wordlist=< your wordlist path > < saved hashes >john --wordlist=wordlist.txt zip.hashes1john--wordlist=wordlist.txt zip.hashes
Great
!! As you can see we have a valid password with the help of which we can unzip the password protected zip file.