How to use John the Ripper
Learn to use this tool to crack passwd files
Below is an example passwd file:
jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash cellier:6VVFRl.ib8J4E:10012:100:Remi Cellier,Promo2001:/home/cellier:/bin/bash dischamp:bAndzoL65f2sY:10017:100:Sylvestre Dischamp, Promo2001:/home/dischamp:/bin/bash artus:z0A3df0OmqmFI:10027:100:Guillaume ARTUS,Promo2001:/home/artus:/bin/bash conti:ai05V8QKeoy5.:10031:100:Igor Conti,Promo2001:/home/conti:/bin/bash villard:/SMP6Kp/Ta7IE:10034:100:Eric villard, Promo2001:/home/villard:/bin/bash thong:ILZ5vYepxdrXI:10036:100:Daniel Thong, Promo2001:/home/thong:/bin/bash caronst:RCKjguAg2gcUA:520:100:Stephane Caron,externe:/home/caronst:/bin/bash humberte:RHLuzAqk4q6tg:524:100:Eric Humbert,externe:/home/humberte:/bin/bash lett:CCstsGLHidWfk:10038:100:Jean-Francois LETT, Promo2002,,:/home/lett:/bin/bash pouillon:3O6MbRS70BOD2:512:100:Yann Pouillon,externe:/home/pouillon:/bin/bash changey:rttCjavOaeC82:10039:100:Sebastien CHANGEY, Promo2002:/home/changey:/bin/bash
This is what it would appear like with most exploits, so now you have to break the passwd file up into single line entries as follows:
jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash
cellier:6VVFRl.ib8J4E:10012:100:Remi Cellier,Promo2001:/home/cellier:/bin/bash
dischamp:bAndzoL65f2sY:10017:100:Sylvestre Dischamp, Promo2001:/home/dischamp:/bin/bash
artus:z0A3df0OmqmFI:10027:100:Guillaume ARTUS,Promo2001:/home/artus:/bin/bash
conti:ai05V8QKeoy5.:10031:100:Igor Conti,Promo2001:/home/conti:/bin/bash
villard:/SMP6Kp/Ta7IE:10034:100:Eric villard, Promo2001:/home/villard:/bin/bash
thong:ILZ5vYepxdrXI:10036:100:Daniel Thong, Promo2001:/home/thong:/bin/bash
caronst:RCKjguAg2gcUA:520:100:Stephane Caron,externe:/home/caronst:/bin/bash
humberte:RHLuzAqk4q6tg:524:100:Eric Humbert,externe:/home/humberte:/bin/bash
lett:CCstsGLHidWfk:10038:100:Jean-Francois LETT, Promo2002,,:/home/lett:/bin/bash
pouillon:3O6MbRS70BOD2:512:100:Yann Pouillon,externe:/home/pouillon:/bin/bash
changey:rttCjavOaeC82:10039:100:Sebastien CHANGEY, Promo2002:/home/changey:/bin/bash
Now examine an entry:
jeunehom:uRavlb2TZc7fA:10009:100:Fanny JEUNEHOMME,Promo2001:/home/jeunehom:/bin/bash
Username: jeunehom
Password Hash: uRavlb2TZc7fA
Permissions: 10009:100
Name: Fanny JEUNEHOMME,Promo2001
Home Directory: /home/jeunehom
Logon Shell: /bin/bash
So to crack this take a text editor and place the entire entry into it, name the file passwd.txt then go into dos and execute john with a simmilar command line to the following:
D:\Apps\JOHN-16\RUN>john passwd.txt
Loaded 1 password (Standard DES [48/64 4K])
John the Ripper is now brute forcing passwd.txt to check its progress you can press space and it will come up with something like the following:
guesses: 0 time: 0:00:00:03 (3) c/s: 37110 trying: shance1 - meter
When John the Ripper returns you to the command prompt the passwd has been cracked, to view it do the following:
D:\Apps\JOHN-16\RUN>john -show passwd.txt
albert:jupiter:666:666:Section 3:/home/section3:/bin/csh
This shows us that the user 'albert' with a password of 'jupiter' has been found.
Now try this on yourself....
Make your own wordlist fairly simple. Hope this help's!