1. Download and unzip JtR (John the Ripper)
2. Open your Login:EncryptedPassword list in a text editor...making sure it follows the format shown above i.e. Login:EncryptedPassword and is free from garbage, then save it as pass.txt in the "run" folder of JtR.
NOTE: JtR is an MS-DOS programme, so to get it running you need to open the good ol' MS-DOS window by clicking the "Start" button in Windows and selecting "Programs" then "MS-DOS Prompt". You should then see a black background window appear with the words "C:\WINDOWS>" in it.
3. OK, we need to change the directory to the JtR folder. Do this by typing "cd c:\john\john-16\run\" (or the folder location of john.exe) in the DOS window, then hit "Enter".
The DOS prompt should now read "C:\JOHN\JOHN-16\RUN>" (or similar, depending on your JtR directory).
4. Now you are ready to run JtR commands to decrypt the passwords. All the commands below assume you have called your encrypted password list "pass.txt"
5. Type "john.exe pass.txt" (without the "") and your password list will start decrypting. This process can take a very long time, perhaps a week or two for a complete decryption, but you should see results in minutes. The reason it takes so long in some cases and is quicker in others is the "crack mode" and the complexity of the password.
The good news is JtR will run quietly in the background while you get on with other things. Note: I wouldn't advise using it with the latest 3D shoot 'em up but it has had little effect on other types of programs I run.
6. To see your progress press any key (e.g. spacebar ). You will see:
guesses: 46 (number of cracked passwords so far)
time: 0:10:19:57 (how long it's taken so far)
(3) (the current crack mode, e.g. "incremental mode")
c/s: 31693 (the crypts per second speed, or cracking attempts per second)
trying: Saglty1 - aric099 (that's what it's trying when you hit the key!!;)
7. To stop the process press Ctrl + C or Ctrl + Break.
If you used the default command "john pass.txt" then this will try "single crack" mode first, then use a wordlist with rules, and finally go for incremental mode:
- "Single crack" mode (takes the logon or username and checks that against the password, also performs variations on the logon). Example: user:user1
- A wordlist with rules (uses the file password.lst and checks that against the password, then applies rules as listed in john.ini). Example: Without rules: "abc123"; With rules: "321cba"
- Incremental mode. The looong one!! Creates all possible combinations of words, numbers and characters to crack the password. Example: zzz4*z?7
So when it's finished all your passwords, or you've stopped the process, how do you see the cracks you've obtained?
Type "john -show pass.txt", which will show all the cracked passes. If this list is too large for the screen you need to use the redirect command: "john -show pass.txt >word.txt", which sends the cracked passes to a file called word.txt.
OK, now that you know some basics you can experiment. To significantly improve the crack speed, upgrade your password.lst to something with teeth.
Here's a selection of common commands (there are more, READ THE DOCS in your JTR folder):
"john.exe pass.txt":
This will try "single crack" mode first, then use a wordlist with rules, and finally go for incremental mode.
"john.exe -i pass.txt":
The most powerful cracking mode. This will use the default incremental mode parameters, which are defined in ~/john.ini's [Incremental:All] section. In the configuration file supplied with John these parameters are to use the full 95 character set, and to try all possible password lengths, from 0 to 8.
"john.exe -single pass.txt":
Uses the username to crack, with manipulations as defined in john.ini. Example: user:user1
"john.exe -wordfile:password.lst pass.txt":
Uses password.lst to crack, with no manipulations from john.ini. Example: abc123
"john.exe -wordfile:password.lst -rules pass.txt":
Uses password.lst to crack, with manipulations as defined in john.ini. Example: 321cba
"john.exe -i:alpha pass.txt":
Runs incremental alphabetical a to zzzzzzzz. Example: qwerty
"john.exe -i:digits pass.txt":
Runs incremental numerical 0 to 99999999. Example: 12345678
"john.exe -i:lanman pass.txt":
Runs incremental alpha & numerical & Lanman characters. Example: abc$01?*
"john.exe -i:all pass.txt":
Runs incremental alpha & numerical & all characters. Example: abc$01¶??*
"john.exe -show pass.txt":
Shows all the cracked passes. If this is too large for the screen, use the redirect command below.
"john.exe -show pass.txt >word.txt":
Sends the cracked passes to a file called word.txt.
"john.exe -restore":
To continue an interrupted session.
While running John, press any key for a progress update.
To stop John once it's started, just press Ctrl + C or Ctrl + Break.
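An added example (not from the original page or the John the Ripper project) for auditing password choices against the default mode order and the incremental parameters described above: it reports which mode would reach a given password first. The mangling subset, sample wordlist, function names and the reading of "alpha" as 26 lowercase letters are assumptions; the 95 character set, the 0 to 8 length range and the 31693 c/s figure come from the page.

```python
import string

# Constructed stand-in for password.lst (not the list shipped with John).
SAMPLE_WORDLIST = ["abc123", "password", "letmein"]
DIGITS = set(string.digits)
LOWER = set(string.ascii_lowercase)          # assumed meaning of "alpha"
PRINTABLE_95 = {chr(c) for c in range(32, 127)}  # the "full 95 character set"

def mangle(word):
    """Illustrative subset of word mangling; john.ini's real rules are far larger."""
    variants = {word, word.lower(), word.upper(), word.capitalize(), word[::-1]}
    variants.update(word + d for d in string.digits)
    return variants

def incremental_keyspace(charset_size, min_len, max_len=8):
    """Candidates an incremental run must cover: sum of size**n over all lengths."""
    return sum(charset_size ** n for n in range(min_len, max_len + 1))

def worst_case_seconds(keyspace, cps=31693):
    """Time to exhaust a keyspace at the c/s figure shown in the status line."""
    return keyspace / cps

def first_mode_to_reach(login, password, wordlist=SAMPLE_WORDLIST):
    """Name the earliest mode, in default order, whose candidates include password."""
    if password in mangle(login):
        return "single"
    if password in wordlist:
        return "wordlist"
    if any(password in mangle(w) for w in wordlist):
        return "wordlist+rules"
    if len(password) <= 8:
        chars = set(password)
        if password and chars <= DIGITS:
            return "incremental:digits"
        if password and chars <= LOWER:
            return "incremental:alpha"
        if chars <= PRINTABLE_95:   # includes the empty password (length 0)
            return "incremental:all"
    return "outside default incremental range"

if __name__ == "__main__":
    for login, pw in [("user", "user1"), ("bob", "321cba"), ("bob", "12345678")]:
        print(login, pw, "->", first_mode_to_reach(login, pw))
    digits = incremental_keyspace(10, 1)
    print("digits keyspace:", digits,
          "worst case minutes:", round(worst_case_seconds(digits) / 60))
```

A password policy can use this kind of check to reject choices that fall in the "single" or wordlist tiers, and to require lengths beyond the 8-character incremental limit.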
Create a desktop icon for running jtr.
1. Create a shortcut to the command prompt on your desktop: go to the Start menu, Programs/Accessories, Command Prompt, and drag it to the desktop.
2. Now rename Command Prompt to something like john so you know what it is.
3. Next, right-click the icon and select Properties.
Where it says "Start in:", put the location of your jtr\run\ folder. I will use mine as an example: C:\john\john-16\run
Click the OK button.
4. Now check your work: double-click the icon.
It should open to a command prompt directed at your folder C:\john\john-16\run