TryHackMe – John The Ripper Write Up

Hello friend.

A room all about the password cracking tool John the Ripper. I like it.

Task 2 – Setting up John the Ripper

What is the most popular extended version of John the Ripper?

jumbo john

Task 3 – Word Lists

What website was the rockyou.txt wordlist created from a breach on?

rockyou.com

Task 4 – Cracking Basic Hashes

Download the task files and unzip them.

What type of hash is hash1.txt?

If we use this site, it tells us it is an MD5 hash. hash-id.py is also already built into Kali via the hash-identifier command, which gives us this result:

So yes, the answer is MD5.

What is the cracked value of hash1.txt?

To crack it we use the command:

john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hash1.txt

What type of hash is hash2.txt?

Both tools tell us it is a sha1 hash. Even though hash-identifier writes sha-1, you have to enter it as sha1 for the question.

What is the cracked value of hash2.txt?

Similar john command as before:

What type of hash is hash3.txt?

Same procedure as before – it’s sha256.

What is the cracked value of hash3.txt?

What type of hash is hash4.txt?

This time it is actually the second one of the output.

What is the cracked value of hash4.txt?

Task 5 – Cracking Windows Hashes

What do we need to set the “format” flag to, in order to crack this?

This is a nice post about the different Windows hashes. If you compare them with the hash we have in our ntlm.txt, you can see it is an NTHash. For these, the john format is:

nt

What is the cracked value of this password?

Now that we know the format, we can crack it easily:

Task 6 – Cracking /etc/shadow Hashes

What is the root password?

Since it is already unshadowed… we just crack it.

Task 7 – Single Crack Mode

First of all, we check which kind of hash it is – hash-identifier says it’s an md5 hash. After that, we edit the hash file, so it looks like Joker:<hash>.

And there we go:

Task 8 – Custom Rules

What do custom rules allow us to exploit?

password complexity predictability

What rule would we use to add all capital letters to the end of the word?

Az"[A-Z]"

Az – to append to the end of the word

Inside the "" – which characters we want

[A-Z] – to specify all uppercase characters

What flag would we use to call a custom rule called “THM Rules”?

--rule=THMRules
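What the rule above expands to, as an added Python sketch (not code from the room or from John itself): it models only the Az"..." append command and [...] character-class expansion, so it can show which passwords fall inside the predictable "dictionary word plus one capital letter" pattern. The function names and the sample wordlist are constructed for illustration.

```python
import itertools
import re

def expand_class(body):
    """Expand the inside of [...] (e.g. 'A-Z' or '!@#') into a list of characters."""
    chars, i = [], 0
    while i < len(body):
        if i + 2 < len(body) and body[i + 1] == "-":   # a range such as A-Z
            chars.extend(chr(c) for c in range(ord(body[i]), ord(body[i + 2]) + 1))
            i += 3
        else:                                            # a single literal character
            chars.append(body[i])
            i += 1
    return chars

def expand_preprocessor(rule):
    """Turn one rule line with [...] classes into every concrete rule it stands for."""
    parts = re.split(r"(\[[^\]]+\])", rule)
    choices = [expand_class(p[1:-1]) if p.startswith("[") else [p] for p in parts]
    return ["".join(combo) for combo in itertools.product(*choices)]

APPEND = re.compile(r'^Az"(.*)"$')   # only the append command from this task is modelled

def candidates(word, rule):
    """Return every candidate the rule produces from one wordlist entry."""
    out = []
    for concrete in expand_preprocessor(rule):
        m = APPEND.match(concrete)
        if m is None:
            raise ValueError(f"unsupported rule command: {concrete}")
        out.append(word + m.group(1))
    return out

def find_base(password, wordlist, rule):
    """Audit helper: return the wordlist entry the password was built from, or None."""
    for word in wordlist:
        if password in candidates(word, rule):
            return word
    return None

if __name__ == "__main__":
    rule = 'Az"[A-Z]"'                        # the rule from Task 8
    words = ["summer", "polo"]                # constructed sample wordlist
    print(candidates("polo", rule)[:3])       # first few generated candidates
    print(find_base("summerQ", words, rule))  # inside the pattern
    print(find_base("summer1", words, rule))  # outside the pattern
```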

Task 9 – Cracking Password Protected Zip Files

What is the password for the secure.zip file?

First, we use

zip2john secure.zip > securehash

After that it is just business as usual:

What is the contents of the flag inside the zip file?

Just unzip it with the password, then cat zippy/flag.txt:

THM{w3ll_d0n3_h4sh_r0y4l}

Task 10 – Cracking Password Protected RAR Files

What is the password for the secure.rar file?

Now we use the rar2john secure.rar > rar_hash command before cracking it:

What is the contents of the flag inside the zip file?

This time we use unrar:

And then cat to get:

THM{r4r_4rch1ve5_th15_t1m3}

Task 11 – Cracking SSH Keys with John

First ssh2john idras.id_rsa > ssh_hash

Then:

And that’s it for this room! Damn, these were a lot of hashes to crack. But I didn’t know of all these extra John modules, there is also an office2john for password-encrypted Office files. Pretty neat.
