In this article – the last in our John the Ripper series – we would like to focus on how we can use John to crack SSH keys, as well as mention some basics of Custom Rules.
It should come as no surprise that John can also deal with .zip and .rar archives. John does this by leveraging the zip2john and rar2john utilities, built in the tool, so that it can ingest something that it will know how to use. The syntax is pretty much the same, and by now, you should be quite familiar with it; still, we will use this article to show some examples of how we can make our .zip and .rar archives John-ready. As we will see, this is akin to the unshadow tool we’ve used previously.
Authentication hashes are stored and kept by operating systems. Really, they are just hashed values of passwords. It might be possible to brute force these, but oftentimes you would need some sort of privileged permissions in order to obtain them, so it is somewhat of a more difficult task.
John The Ripper, or John for short, is one of the most well known password and hash cracking tools out there. John is extremely versatile, most importantly, it is extremely fast, with a really big range of compatible types of hashes, not just the most common ones like SHA1, SHA256, MD5, etc. It is also worth mentioning that John will work on all of the three most common operating systems – Windows, MacOS, and Linux-based distros. For Windows, there’s also the Hash Suite, developed by a John the Ripper Contributor.
Hashes
Hashing, most simply put, is the act of taking a piece of data (of any length) and representing it in another shape, that is of fixed length. We do so by passing our original data through an algorithm – hashing algorithm. Some more popular examples are: NTLM, MD4, SHA512.
As an example, take my name – acephale as an input string and pass it through a SHA256 algorithm, and we get the following string of characters:
Leave a Reply