During your work in CTFs and information security, you may come across hashed passwords and encrypted ZIP files. Often you get people asking how to “decrypt hashes” or “break ZIP file encryption”, but that’s not possible. Hashes are one-way; you can’t “decrypt” them. ZIP archives can be encrypted with AES, which is impractical to “break”. However, not all is lost. People often use weak passwords. Many online services offer ZIP password recovery through brute force, and hash cracking using precomputed tables of hash values, known as “rainbow tables”. The problem with these services is that, most of the time, the rainbow tables aren’t large enough. Another problem is that passwords are often concatenated with a random string, known as a “salt”, before hashing. This renders rainbow tables useless: because each salt is unique, the salted input to the hash is unique too, so the hashes cannot be precomputed. Some services offer the option to add salts, but are still rendered pretty much useless. To account for bigger wordlists and salts, you will most likely need a local brute-force cracker. Of those, two are very popular: John the Ripper and hashcat. Both have their pros and cons, but John the Ripper is more accessible, as you can run it even on the weakest of computers, which is why I chose to write about John the Ripper, or, as the abbreviation goes, JtR.

To install JtR, go to the official website, [https://www.openwall.com/john/](https://www.openwall.com/john/), download the release for your platform and install it. Once you have done this, add the JtR “run” directory to your path if you’re not on Linux, and you’re done! Now you have to choose a wordlist, a list of passwords for JtR to try. JtR has its own wordlist, password.lst, but I recommend using the RockYou wordlist, which is much larger, located at [https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt](https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt). After you have your wordlist of choice, your setup is done!

Let’s crack a demo MD5 hash:

81dc9bdb52d04dc20036dbd8313ed055

First, put this in a file, let’s say “hashfile.txt”.

Then, open the location of this hash file in cmd/terminal and run

john --format=Raw-MD5 hashfile.txt

(With no --wordlist given, JtR runs its default modes: single crack, then its own password.lst, then incremental.) The --show option does not crack anything by itself; it only displays passwords already cracked in this session or an earlier one. So once the run finishes, display the result with

john --show --format=Raw-MD5 hashfile.txt

And it prints

?:1234

And 1234 is the password behind the hash!

Now let’s crack a SHA-1 using a wordlist

e72032ba6c3321471d3378c34833322118d588b8

john --format=Raw-SHA1 --wordlist=/path/to/wordlist hashfile.txt

Output:

Loaded 1 password hash (Raw-SHA1 [SHA1 128/128 SSE4.1 4x])
Warning: no OpenMP support for this hash type, consider --fork=4
Press 'q' or Ctrl-C to abort, almost any other key for status
welldone         (?)
1g 0:00:00:00 DONE (2023-09-08 10:13) 16.39g/s 826426p/s 826426c/s 826426C/s whistle..welldone
Use the "--show --format=Raw-SHA1" options to display all of the cracked passwords reliably
Session completed

And welldone is the password behind the hash!

Now let’s try salted SHA-256

3153725b334ce828fcca1772164c7f17ab4e1c3b95401e8050fbbfe0942c5aa7$@@)(j391kd

Format: hash$salt

Salt is added to the end of plaintext before hashing.

Running

john --list=subformats

We get a lot of formats, but the one that interests us is

Format = dynamic_62 type = dynamic_62: sha256($p.$s)

So now we run

john --format=dynamic_62 --wordlist=/path/to/wordlist hashfile.txt

And we get


Loaded 1 password hash (dynamic_62 [sha256($p.$s) 128/128 SSE4.1 4x])
Warning: no OpenMP support for this hash type, consider --fork=4
Press 'q' or Ctrl-C to abort, almost any other key for status
hello            (?)
1g 0:00:00:00 DONE (2023-09-08 10:25) 14.28g/s 24000p/s 24000c/s 24000C/s 123456..kenny
Use the "--show --format=dynamic_62" options to display all of the cracked passwords reliably
Session completed
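As an added example that is not part of this tutorial or of the John the Ripper project, the Python below builds the two input shapes John has been fed on this page: a bare hex digest for Raw-MD5 / Raw-SHA1, and the hash$salt line for dynamic_62, i.e. sha256($p.$s). It recomputes a digest from a candidate password so you can confirm what John reports, and it shows the point made in the introduction about salts: the same password under different salts gives different digests, so a table precomputed from unsalted digests matches none of them. The MD5 demo hash and the salt string are the ones from this page; the candidate passwords and the random salts are constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Demo MD5 hash from this page; it is md5("1234").
DEMO_MD5 = "81dc9bdb52d04dc20036dbd8313ed055"
# Salt taken from the dynamic_62 example on this page.
PAGE_SALT = "@@)(j391kd"


def raw_digest(algo: str, password: str) -> str:
    """Unsalted hex digest, the shape the Raw-MD5 / Raw-SHA1 formats take."""
    return hashlib.new(algo, password.encode("utf-8")).hexdigest()


def verify_raw(algo: str, stored: str, candidate: str) -> bool:
    """Does candidate hash to the stored unsalted digest?"""
    return hmac.compare_digest(raw_digest(algo, candidate), stored.lower())


def dynamic_62_line(password: str, salt: str) -> str:
    """sha256($p.$s) written as hash$salt, the dynamic_62 hash-file line."""
    digest = hashlib.sha256((password + salt).encode("utf-8")).hexdigest()
    return f"{digest}${salt}"


def split_dynamic_line(line: str) -> tuple:
    """Split hash$salt into (digest, salt). The digest is hex and never contains
    '$', so splitting on the first '$' leaves a salt containing '$' intact."""
    digest, _, salt = line.partition("$")
    return digest, salt


def verify_dynamic_62(line: str, candidate: str) -> bool:
    """Recompute sha256(candidate . salt) and compare it with the stored digest."""
    digest, salt = split_dynamic_line(line)
    got = hashlib.sha256((candidate + salt).encode("utf-8")).hexdigest()
    return hmac.compare_digest(got, digest.lower())


def salts_defeat_precomputation(password: str, n: int = 3) -> bool:
    """One password under n random (constructed) salts yields n distinct digests,
    none equal to the unsalted sha256, so a rainbow table built from unsalted
    digests would match nothing."""
    unsalted = raw_digest("sha256", password)
    digests = {
        split_dynamic_line(dynamic_62_line(password, secrets.token_hex(4)))[0]
        for _ in range(n)
    }
    return len(digests) == n and unsalted not in digests


if __name__ == "__main__":
    print(verify_raw("md5", DEMO_MD5, "1234"))              # True
    line = dynamic_62_line("hello", PAGE_SALT)              # constructed hashfile line
    print(line)
    print(verify_dynamic_62(line, "hello"))                 # True
    print(verify_dynamic_62(line, "hello1"))                # False
    print(salts_defeat_precomputation("hello"))             # True
```

Write the string returned by dynamic_62_line to hashfile.txt and John will load it with --format=dynamic_62 exactly as in the section above; the verify functions are the check to run on whatever John reports before you trust the result.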

A final lesson. Let’s crack an encrypted ZIP archive.

Let’s say we have an encrypted zip file, ch5.zip

First, run zip2john on it:

zip2john ch5.zip

We get:

ch5.zip/readme.txt:$pkzip2$1*2*2*0*63*6f*ee166206*0*3d*8*63*ee16*005c*4cd0f9313784d20fdf0eb52e155682a0444ecadc04d2b2e34778b8aeec2dc025e79e6d9b2f6b3e6ee1c9269a50ff858f75f90c16f8cbe1980fd46747f1b2dbd47b92199a57b3c52f9ffeeb50bcdad0e38c88e3308051f32fde0158941432ab2e3b8c1e*$/pkzip2$:readme.txt:ch5.zip::ch5.zip

Put that into hashfile.txt, and run

john --format=pkzip --wordlist=rockyou.txt hashfile.txt

And we get:


Loaded 1 password hash (PKZIP [32/64])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
14535            (ch5.zip/readme.txt)
1g 0:00:00:07 DONE (2023-09-08 10:35) 0.1295g/s 1714Kp/s 1714Kc/s 1714KC/s 147530281575..143tanner
Use the "--show" option to display all of the cracked passwords reliably
Session completed
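As an added example (not part of this tutorial or of the John the Ripper project), the Python below scripts the zip2john → john → --show sequence from this section and parses what --show prints into label/password pairs. The sample --show text is constructed from the label:password layout this page shows (the “?:1234” line earlier), with the trailing fields of the zip2john line echoed after the password; zip2john and john are assumed to be on PATH when the subprocess helpers are called.

```python
import re
import subprocess

# Matches the summary line John prints after --show, e.g.
# "1 password hash cracked, 0 left".
SUMMARY = re.compile(r"^\d+ password hash(?:es)? cracked, \d+ left$")

# Constructed sample of --show output (assumption: the label is the first field
# of the hash-file line and the fields after the hash are echoed after the
# password, as with the "?:1234" line this page shows for a bare hash).
SAMPLE_SHOW = """\
ch5.zip/readme.txt:14535:readme.txt:ch5.zip::ch5.zip

1 password hash cracked, 0 left
"""


def parse_show_output(text: str, trailing_fields: int = 0) -> dict:
    """Map label -> password from john --show output.

    Each line is label:password followed by trailing_fields extra fields copied
    from the hash file (0 for a bare Raw-MD5 line, 4 for the zip2john line on
    this page). Splitting the tail from the right keeps a ':' inside the
    password intact; blank lines and the summary line are skipped."""
    found = {}
    for line in text.splitlines():
        line = line.rstrip()
        if not line or SUMMARY.match(line):
            continue
        label, _, rest = line.partition(":")       # labels are assumed not to contain ':'
        found[label] = rest.rsplit(":", trailing_fields)[0]
    return found


def trailing_fields_of(hash_line: str) -> int:
    """Count the fields that follow the hash in a label:hash:extra... line, so the
    same number can be stripped from --show output. A bare hash (no label, no
    extra fields) gives 0. Assumes the hash itself contains no ':'."""
    return max(hash_line.count(":") - 1, 0)


def zip2john_line(zip_path: str) -> str:
    """Run zip2john (assumed on PATH) and return the hash line it writes to stdout."""
    proc = subprocess.run(["zip2john", zip_path], capture_output=True, text=True, check=True)
    return proc.stdout.strip()


def crack_and_show(hashfile: str, fmt: str, wordlist: str, trailing_fields: int = 0) -> dict:
    """The two steps used throughout this page: run the wordlist attack, then
    read the results back with --show."""
    subprocess.run(["john", f"--format={fmt}", f"--wordlist={wordlist}", hashfile], check=False)
    shown = subprocess.run(["john", "--show", f"--format={fmt}", hashfile],
                           capture_output=True, text=True, check=True)
    return parse_show_output(shown.stdout, trailing_fields)


if __name__ == "__main__":
    print(parse_show_output(SAMPLE_SHOW, trailing_fields=4))   # {'ch5.zip/readme.txt': '14535'}
```

For the archive in this section the full run would be: write zip2john_line("ch5.zip") to hashfile.txt, then crack_and_show("hashfile.txt", "pkzip", "rockyou.txt", trailing_fields_of(that_line)), which returns the member label mapped to the recovered password.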

So this concludes my starter tutorial on using John The Ripper. Of course, I’ve only scratched the surface of the many things you can do with this extremely versatile tool, but hey, you’ve got to start somewhere! If you need to do something not documented here, look it up! Most likely someone else wants to do that same thing. Thank you for reading, and

540c250f4679816cb38747f3fca8d18fdbaa5e43895088ee9b21358a9ec486db4cadc5245dcfc209bb04e12918c03006967517fb0f8ea2758f00a73a7ef51d2a