d1psx
Cracking ZIP/RAR Hashes with JtR
What is John?
John the Ripper, or simply John, is an open source cracking tool provided by Openwall.
It's a very popular tool that comes pre-installed on the Kali distro. It's easy to use, powerful, and free.
Download John Jumbo
https://www.openwall.com/john/ | https://download.openwall.net/pub/projects/john/contrib/windows/
*Installation on Linux varies depending on your package manager.
What is hashing vs encrypting?
Hashing is similar to encrypting with one major difference: it's irreversible.
Generally, when your passwords are stored in a database, they are hashed.
The string that makes up your password is taken and run through an algorithm that creates a new string with a fixed length.
E.g. "Day Bow Bow!"
> "93ea2d345244d653644a07d8fc09eca1"
E.g. "The power to destroy a thing is the absolute control over it."
> "2889cdd0d398e477d72c9c5354a7353b"
With regard to ZIP/RAR files (if password protected), your files are encrypted with the password provided as the key.
To decipher the encryption, we need the key. We'll be extracting a hash from an encrypted archive to crack. The hash is composed of data created from failed password attempts.
Retrieving the Hash
Once John has downloaded, extract it and launch your terminal/cmd.
Set the current directory to John's 'run' folder (e.g. cd desktop/john/run).
Enter "john.exe" to confirm you're in the right directory.
Once there, find your archive and copy it somewhere within the run folder. (Not that it's necessary, but it does make things easier.)
To retrieve your hash, you can use zip2john.exe or rar2john.exe.
In this example I'll be cracking a zip file. So I'll enter:
Code:
zip2john.exe myzipfile.zip > myzipfile.hash
"myzipfile.zip" should point to your archive. "myzipfile.hash" is the output file to create.
If you're cracking a rar file, enter the same parameters but call rar2john instead of zip2john.
Inside of my run folder I can now locate the hash. Confirm that your hash was created successfully.
Cracking the Hash
Now that we have our hash, we can begin cracking it. You can either use a wordlist for your attack or you can brute-force the password.
When calling john.exe you can pass "--wordlist=password.lst" to use a list, or you can pass "--incremental" for brute-forcing.
*For "password.lst" enter the file you have your passwords stored in.
In my case I'm going to brute-force the password so I'll enter:
Code:
john.exe --incremental myzipfile.hash
In a matter of time your password should be displayed in your terminal.
E.g. "titan (myzipfile.zip)".
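Because a protected ZIP is encrypted with the password as the key, it helps to know which scheme each entry uses before relying on it. The following is an added example, not part of the original post: a Python audit that reads the encrypted flag, method 99 and the WinZip AES extra record (0x9901) from an archive's headers. The function names and the sample archive are constructed for illustration.

```python
import io, re, struct, zipfile

AES_BITS = {1: 128, 2: 192, 3: 256}  # strength byte of the 0x9901 record

def aes_strength(extra: bytes) -> str:
    """Walk the extra-field records and decode the WinZip AES (0x9901) one."""
    pos = 0
    while pos + 4 <= len(extra):
        header_id, size = struct.unpack_from("<HH", extra, pos)
        if header_id == 0x9901 and size >= 7 and pos + 4 + size <= len(extra):
            # record data: version(2) vendor(2) strength(1) real method(2)
            return f"AES-{AES_BITS.get(extra[pos + 8], '?')}"
        pos += 4 + size
    return "AES (no 0x9901 record)"

def audit_zip(data: bytes) -> dict:
    """Map each entry name to the protection its central-directory header declares."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if not info.flag_bits & 0x1:        # bit 0: entry is encrypted
                report[info.filename] = "unencrypted"
            elif info.compress_type == 99:      # method 99: WinZip AES
                report[info.filename] = aes_strength(info.extra)
            else:
                report[info.filename] = "ZipCrypto (legacy)"
    return report

def constructed_sample() -> bytes:
    """Constructed archive: stored entries whose headers are patched to look
    encrypted. The payloads are not real ciphertext."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(zipfile.ZipInfo("plain.txt"), "a")
        zf.writestr(zipfile.ZipInfo("legacy.txt"), "b")
        aes = zipfile.ZipInfo("aes.txt")
        aes.extra = struct.pack("<HHH2sBH", 0x9901, 7, 2, b"AE", 3, 0)
        zf.writestr(aes, "c")
    raw = bytearray(buf.getvalue())
    heads = [m.start() for m in re.finditer(b"PK\x01\x02", raw)]
    for pos in heads[1:]:
        raw[pos + 8] |= 0x1                     # set the encrypted flag
    struct.pack_into("<H", raw, heads[2] + 10, 99)
    return bytes(raw)

if __name__ == "__main__":
    for name, status in audit_zip(constructed_sample()).items():
        print(f"{name}: {status}")
```

Entries reported as unencrypted or ZipCrypto are candidates for re-packing with AES and a long passphrase, since the password is the only thing protecting the archive from an offline guessing run like the one shown in this post.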