During your work in CTFs and information security, you may come across hashed passwords and encrypted zip files. Often you get people asking how to “Decrypt hashes” or “Break zip file encryption” but that’s not possible. Hashes are one way, you can’t “Decrypt” them. ZIP files use state-of-the-art AES encryption, which is impractical to “break”. However, not all is lost. People often use weak passwords. Many online services offer ZIP password recovery through bruteforce, and hash cracking using precomputed hash value tables, known as “Rainbow tables”. The problem with these services is, most of the time, the Rainbow tables aren’t large enough. Another problem is that, the passwords are often concatenated with a random string, known as a “salt”, before hashing. This renders the Rainbow Tables useless, as the salts are unique, and therefore so are the passwords, making them impossible to precompute. Some offer the option to add salts, but are still rendered pretty much useless. To account for bigger wordlists and salts, you will most likely need a local bruteforce cracker. Of those there two very popular ones: John The Ripper and hashcat. Both have their pros and cons, but John The Ripper is more accessible as you can run it even on the weakest of computers, which is why I chose to write about John the Ripper, or, as the abbreviation goes, JtR.
To install JtR, go to the official website, (https://www.openwall.com/john/)[https://www.openwall.com/john/] and download the release for your platform and install it. Once you have done this, add the JtR “run” directory to your path if you’re not on Linux, and you’re done! Now you have to choose a wordlist, a list of passwords for JtR to try. JtR has its own wordlist, password.lst, but I recommend using the RockYou wordlist which is much larger, located at (https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt)[https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt] . After you have your wordlist of choice, your setup is done!
Let’s crack a demo MD5 hash:
81dc9bdb52d04dc20036dbd8313ed055
First, put this in a file, let’s say “hashfile.txt”
Then, open the location of this hash file in cmd/terminal and run
john --show --format=Raw-MD5 hashfile.txt
And it prints
?:1234
And 1234 is the value of the hash!
Now let’s crack a SHA-1 using a wordlist
e72032ba6c3321471d3378c34833322118d588b8
john --format=Raw-SHA1 --wordlist=/path/to/wordlist hashfile.txt
Output:
Loaded 1 password hash (Raw-SHA1 [SHA1 128/128 SSE4.1 4x])
Warning: no OpenMP support for this hash type, consider --fork=4
Press 'q' or Ctrl-C to abort, almost any other key for status
welldone (?)
1g 0:00:00:00 DONE (2023-09-08 10:13) 16.39g/s 826426p/s 826426c/s 826426C/s whistle..welldone
Use the "--show --format=Raw-SHA1" options to display all of the cracked passwords reliably
Session completed
And well done is the hash value!
Now let’s try salted SHA-256
3153725b334ce828fcca1772164c7f17ab4e1c3b95401e8050fbbfe0942c5aa7$@@)(j391kd
Format: hash$salt
Salt is added to the end of plaintext before hashing.
Running
john –list=subformats
We get a lot of formats, but the one that interests us is
Format = dynamic_62 type = dynamic_62: sha256($p.$s)
So now we run
john --format=dynamic_62 --wordlist=/path/to/wordlist hashfile.txt
And we get
Loaded 1 password hash (dynamic_62 [sha256($p.$s) 128/128 SSE4.1 4x])
Warning: no OpenMP support for this hash type, consider --fork=4
Press 'q' or Ctrl-C to abort, almost any other key for status
hello (?)
1g 0:00:00:00 DONE (2023-09-08 10:25) 14.28g/s 24000p/s 24000c/s 24000C/s 123456..kenny
Use the "--show --format=dynamic_62" options to display all of the cracked passwords reliably
Session completed
A final lesson. Let’s crack an encrypted ZIP archive.
Let’s say we have an encrypted zip file, ch5.zip
First, run zip2john on it:
zip2john ch5.zip
We get:
ch5.zip/readme.txt:$pkzip2$1*2*2*0*63*6f*ee166206*0*3d*8*63*ee16*005c*4cd0f9313784d20fdf0eb52e155682a0444ecadc04d2b2e34778b8aeec2dc025e79e6d9b2f6b3e6ee1c9269a50ff858f75f90c16f8cbe1980fd46747f1b2dbd47b92199a57b3c52f9ffeeb50bcdad0e38c88e3308051f32fde0158941432ab2 e3b8c1e*$/pkzip2$:readme.txt:ch5.zip::ch5.zip
Put that into hashfile.txt, and run
john --format=pkzip --wordlist=rockyou.txt hashfile.txt
And we get:
Loaded 1 password hash (PKZIP [32/64])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
14535 (ch5.zip/readme.txt)
1g 0:00:00:07 DONE (2023-09-08 10:35) 0.1295g/s 1714Kp/s 1714Kc/s 1714KC/s 147530281575..143tanner
Use the "--show" option to display all of the cracked passwords reliably
Session completed
So this concludes my starter tutorial on using John The Ripper. Of course, I’ve only scratched the surface of the many things you can do with this extremely versatile tool, but hey, you’ve got to start somewhere! If you need to do something not documented here, look it up! Most likely someone else wants to do that same thing. Thank you for reading, and
540c250f4679816cb38747f3fca8d18fdbaa5e43895088ee9b21358a9ec486db4cadc5245dcfc209bb04e12918c03006967517fb0f8ea2758f00a73a7ef51d2a
