This repository is to show few commands on how john the ripper can be used in Kali Linux to decrypt encrypted passwords and messages.
Disclaimer:
This is for educational purposes only. The content here was done by a computer science student.
- Kali-Linux
- Hash-Indetifier
- Rockyou Dictionery
- John The Ripper
Kali by default is considered as a penetration testing GUI; therefore it comes with pen testing tools pre-installed. To properly execute John commands switch to root user. *sudo su
First start by using an ecryption identifier in this case I have used Hash-Identifier because my encryption is an md5 file has I used MD5 Hash Generator to generate my encryption.
- Type hash-identifier to enter encryption indetifier mode.
- Then type the hash encryption and press Enter/return and the hash will be identified.
- After the identification press Control & ESC to return user mode
Notice that the user is in Root mode.
Here I typed the command john --list=formats to show me all the encryption formats John The Ripper supports and there's an enourmous amount of encryptions.
Then locate Rockyou
In case you don't have /usr/share/worlists/rockyou.txt.gz try the following commands cd wordlist > cd rockyou > ls > gunzip rockyou.txt to unzip gz file then cd back to where you have your encrypted file.
type locate Rockyou at this point /usr/share/worlists/rockyou.txt.gz should appear.
Navigate to your browser and search for MD5 generator.
type any random word and click generate and copy either MD5 Hash or SHA1 Hash
Back to your terminal make sure you are on root user mode.
create a .txt file manually or use the command echo "ecryption" > .txt to create a file with the encryption on it.
On your Kali Terminal type the command john --w=/usr/share/wordlists/rockyou.txt --format=raw-md5 .your .txt encrypted file this command should decrypt your encrypted message or password.
Note: In this demo I used both john and rockyou to sort out a dictionary attack john used the cracking methods and rockyou used it's own dictionary