Lab: John the Ripper.
Step1: Setup
The goal of this step is to set up for the lab.
- Install the virtual machine John.ova.
- Log in as bob, password bob.
- Install John the Ripper
  - sudo apt install john
  - This will install the software John the Ripper and the associated data files.
- Grab a word list or two (just click to download)
  - lower.gz
  - Note, these are part of the john project. You can read about them here.
  - You just downloaded one of the English/small files.
  - There are much more extensive files available.
  - We have limited the download to make our examples work more quickly.
- Make a directory to work in (I called mine john)
- Change to john and copy the downloaded wordlist there.
  - cp ~/Downloads/lower.gz .
  - gunzip lower.gz
- While you are working, you might want access to the Documentation for john.
Step2: Background
- John the Ripper is an extensive set of tools for cracking passwords.
- While this may or may not be useful to you when protecting a system, it is vital that you understand that this tool exists and that it can be used against your systems.
- John operates in at least four modes
  - Using the information stored in the password file, attempt to crack the passwords by guessing.
  - Using a rainbow table built on the fly, check for cracked passwords.
  - Using a default list of words, try all of these words.
  - Using a default list of rules, try all mutations of the words given.
  - Try a brute force attack.
- You can, if you wish, supply other lists including words and rules.
- John can run in parallel, easily using all the processors on a system.
- John is configured to run as a long term process
  - It saves checkpoints so it can be restarted.
  - It saves work completed as a checkpoint.
- All in all, John is a very sophisticated tool, which we will explore in the next section.
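
The word-list and rule modes above are the reason a password policy should reject any password that is only a mangled dictionary word. The following is an added example, not part of the lab or of the john project: the word list is a constructed sample, and the "undo" steps are assumed, simplified stand-ins for word mutations, not John's actual rule set.

```python
import re

# Constructed stand-in for a few lines of a lowercase word list such as the
# lab's "lower" file; in practice, read the real file instead.
SAMPLE_WORDLIST = """\
dragon
monkey
password
sunshine
"""

# Assumed table for undoing common character substitutions (illustrative only).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def load_words(text):
    """Return the set of lowercase words, one per non-empty line."""
    return {line.strip().lower() for line in text.splitlines() if line.strip()}


def base_forms(candidate):
    """Return candidate with common mangling undone in several combinations."""
    lowered = candidate.lower()
    # Drop digits/punctuation added before or after the word ("Sunshine2024").
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    forms = set()
    for s in (lowered, stripped):
        for t in (s, s.translate(LEET)):   # undo substitutions ("p@ssw0rd")
            forms.add(t)
            forms.add(t[::-1])             # undo reversal ("nogard")
    return forms


def find_base_word(candidate, words):
    """Return the dictionary word the candidate is built from, or None."""
    hits = sorted(base_forms(candidate) & words)
    return hits[0] if hits else None


WORDS = load_words(SAMPLE_WORDLIST)

if __name__ == "__main__":
    for pw in ["P@ssw0rd1!", "Sunshine2024", "nogard", "m0nk3y", "xkT9#vQ2mLp"]:
        hit = find_base_word(pw, WORDS)
        print(f"{pw!r}: " + (f"reject, based on {hit!r}" if hit else "no dictionary base found"))
```

A password that passes this check is not thereby strong; the check only catches the cases that a word list plus simple mutations would reach first.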