John Wordlist Download


Aila Gilb

Jul 23, 2024, 10:21:53 PM7/23/24
to aptanbiztga

JtR also includes its own wordlists of common passwords for 20+ languages. These wordlists provide JtR with thousands of possible passwords from which it can generate the corresponding hash values to make a high-value guess of the target password. Since most people choose easy-to-remember passwords, JtR is often very effective even with its out-of-the-box wordlists of passwords.


Below is the JtR command from our Live Cyber Attack Webinar. In this scenario, our hacker used kerberoast to steal a Kerberos ticket-granting ticket (TGT) containing the hash to be cracked, which was saved in a file called ticket.txt. In our case, the wordlist used is the classic rockyou password file from Kali Linux, and the command was set to report progress every 3 seconds.

In this mode, John is using a wordlist to hash each word and compare the hash with the password hash. If you do not indicate a wordlist, John will use the one it comes bundled with which has about 3,500 words which are the most common passwords seen in password dumps.

John has the ability to take a wordlist and mangle the words in it to try variations of that word. It will add numbers to the end of the word and try replacing letters with numbers and adding other random symbols. So if the word list contains the word jackson, with rules turned on it would try each of these plus hundreds more.

In this mode John the Ripper uses a wordlist, which can also be called a dictionary, and it compares the hashes of the words present in the dictionary with the password hash. We can use any desired wordlist. John also comes built in with a password.lst which contains most of the common passwords.

Now, we want to be able to use some password cracking rules, so that our wordlists don't have to be terabytes to be effective. We can do that by telling John how to create password variations from the wordlist. This is where the rules come in.

KoreLogic provided a pretty amazingly comprehensive set of John the Ripper rules from the DEF CON 2010 "Crack Me If You Can" contest, with the set of rules being released as part of the terms of victory: _media/john/korelogic-rules-20100801.txt

To use a rule, for example the KoreLogicRulesAppendYears rule, we can call john with the --rules=KoreLogicRulesAppendYears argument, or with the -rules:KoreLogicRulesAppendYears argument (either works, but be consistent):

where we specify the wordlist, the encryption format of the john_password_file, the location of the john_password_file, and the rules to use. We'll cover how to get password files in a format John likes from programs like Airodump-ng and Aircrack below. But let's finish talking about the rules.
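The paragraphs above describe wordlist mode (hash each candidate, compare with the target) and rules (mangle each word into variations such as appended years). The following is an added example that models both in plain Python; it is not code from the original post or from John the Ripper itself. The wordlist, the target hash, the rule set and the function names are constructed for the demonstration, and the rule subset is a small hand-written imitation of what JtR's rule engine does, not its syntax.

```python
"""Toy model of JtR wordlist mode with a few mangling rules (added example)."""
import hashlib

# Constructed stand-in for password.lst / rockyou.txt (tiny, for the demo).
WORDLIST = ["password", "jackson", "letmein", "dragon"]

# A few rule effects in the spirit of JtR's rule sets (names are ours):
LEET = str.maketrans({"a": "4", "e": "3", "i": "1", "o": "0", "s": "5"})


def rule_none(w):
    return [w]


def rule_capitalize(w):
    return [w.capitalize()]


def rule_append_digit(w):
    return [w + str(d) for d in range(10)]


def rule_append_years(w, years=range(2000, 2025)):
    # Same idea as the post's KoreLogicRulesAppendYears: word + a year.
    return [w + str(y) for y in years]


def rule_leet(w):
    return [w.translate(LEET)]


RULES = [rule_none, rule_capitalize, rule_append_digit, rule_append_years, rule_leet]


def mangle(word):
    """All candidates the rule set generates from one word, deduplicated, order kept."""
    seen = {}
    for rule in RULES:
        for cand in rule(word):
            seen.setdefault(cand, None)
    return list(seen)


def digest(fmt, candidate):
    """Unsalted hex digest, i.e. what JtR's raw-md5 / raw-sha1 / raw-sha256 formats compare."""
    algo = {"raw-md5": "md5", "raw-sha1": "sha1", "raw-sha256": "sha256"}[fmt]
    return hashlib.new(algo, candidate.encode()).hexdigest()


def wordlist_attack(target_hex, fmt, wordlist=WORDLIST, use_rules=True):
    """Wordlist mode: hash every candidate and compare with the target hash.

    Returns (matching_candidate, source_word) or None when nothing in the
    list (after mangling, if enabled) hashes to the target.
    """
    target_hex = target_hex.lower()
    for word in wordlist:
        candidates = mangle(word) if use_rules else [word]
        for cand in candidates:
            if digest(fmt, cand) == target_hex:
                return cand, word
    return None


if __name__ == "__main__":
    # Constructed target: the raw-md5 of a mangled dictionary word.
    target = digest("raw-md5", "jackson2010")
    print("plain wordlist:", wordlist_attack(target, "raw-md5", use_rules=False))
    print("with rules:    ", wordlist_attack(target, "raw-md5"))
    print("candidates from 'jackson':", len(mangle("jackson")))
```

Run as a script it shows the point of the post's rules discussion: the bare four-word list never matches, while the same list with rules finds the password because "jackson" expands to 38 candidates, including "jackson2010".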

It's pretty straightforward to script with John the Ripper. I find that the easiest way, since John the Ripper jobs can get pretty enormous, is to use a modular approach: keeping track of what password wordlists and what variations have been tried for a given password file manually, rather than trying to maintain consistency by using one enormous John command.

You can create your own JtR rules to generate your wordlist.
Create a local john-local.conf file in your working directory, so JtR will include it, giving you the option to run rules defined therein:

You can concatenate more wordlists into the custom-wordlist file as you find them. Debian has lots more dictionary type packages. For instance, apt-cache search wordlists. Use dpkg -L [installed-package-name] to find where the actual word list file is installed.
Let's count how many lines (words) are in our wordlist so far:
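As an added example covering the two steps just described (a john-local.conf with your own rule section, and concatenating and counting wordlists), the Python below builds a deduplicated custom-wordlist from several source files and writes a john-local.conf next to it. It is not code from the original post or from JtR; the source file names, the rule section name CustomWordlist and the demo function are constructed. The rule lines use JtR's documented rule syntax (c capitalize, $[0-9] append each digit, sa4 substitute a with 4, Az"..." append a string, : no-op).

```python
"""Merge wordlists and write a local rule file for JtR (added example)."""
import tempfile
from pathlib import Path

# Rule section in JtR's rule syntax; the section name is our choice.
JOHN_LOCAL_CONF = """\
[List.Rules:CustomWordlist]
:
c
$[0-9]
c$[0-9]
sa4se3
Az"2024"
"""


def merge_wordlists(sources, dest):
    """Concatenate word files, drop CR/LF and blank lines, dedupe keeping first occurrence.

    Returns the number of unique words written, i.e. what `wc -l` on the
    output would report.
    """
    seen = set()
    kept = []
    for src in sources:
        text = Path(src).read_text(encoding="utf-8", errors="replace")
        for line in text.splitlines():          # splitlines() strips \r\n as well as \n
            word = line.strip()
            if not word or word in seen:
                continue
            seen.add(word)
            kept.append(word)
    Path(dest).write_text("\n".join(kept) + "\n", encoding="utf-8")
    return len(kept)


def write_john_local_conf(workdir):
    """JtR picks up john-local.conf from the working directory, so write it there."""
    path = Path(workdir) / "john-local.conf"
    path.write_text(JOHN_LOCAL_CONF, encoding="utf-8")
    return path


def demo(workdir=None):
    """Constructed inputs: two small lists, one with CRLF endings and a blank line."""
    workdir = Path(workdir or tempfile.mkdtemp(prefix="jtr-demo-"))
    (workdir / "list-a.txt").write_text("password\nletmein\njackson\n")
    (workdir / "list-b.txt").write_text("jackson\r\ndragon\r\n\r\nqwerty\r\n")
    count = merge_wordlists([workdir / "list-a.txt", workdir / "list-b.txt"],
                            workdir / "custom-wordlist")
    conf = write_john_local_conf(workdir)
    return count, conf


if __name__ == "__main__":
    count, conf = demo()
    print(f"{count} unique words in {conf.parent / 'custom-wordlist'}")
    print(f"rules written to {conf}")
    # From that directory: john --wordlist=custom-wordlist --rules=CustomWordlist <hashfile>
```

The overlap between lists is removed on the fly rather than with sort -u afterwards so that the original ordering (most common words first, as in password.lst) survives, which matters because JtR tries candidates in file order.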

Now we are ready to crack some passwords! First, combine the passwd and shadow files. This will allow john to use the GECOS information from the passwd file. GECOS is the user information fields such as first name, last name and phone. These fields will be used by john to make a more educated guess as to what that user's password might be.

The next and final step is to actually start the cracking with John. It is up to you which cracking method you choose, though brute-forcing with a wordlist is usually enough for CTFs. An example attack using a wordlist would be launched like below:

Here we see that John managed to crack the password of the user root, as it was included in the wordlist used.
If you would like to print all the passwords John managed to crack, you may run john --show unshadowed.txt and you will get something like:

Figure 2 illustrates using the unshadow command. This is distributed with John the Ripper in most packages. It combines the contents of /etc/passwd and /etc/shadow on a Linux VM, in this case, Kali. Then, we used the john command and specified the format -- in this case, the crypt mechanism. Since we haven't told it what cracking mode to use, John begins with single crack and then proceeds to wordlist -- none was specified, so it used the default. Ultimately, it will move to incremental mode.
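To make concrete what unshadow does and why the GECOS fields matter, here is an added example (not code from the post and not JtR's own unshadow or single-crack implementation) that merges constructed /etc/passwd and /etc/shadow entries the way unshadow does, filters out locked accounts, and derives the kind of username/GECOS-based guesses the post attributes to John's single-crack mode. The sample accounts and the hash fields are placeholders; the guess-generation rules are a simplification of ours.

```python
"""unshadow-style merge and GECOS-derived guesses (added example)."""

# Constructed entries; the $6$ fields are placeholders, not real hashes.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
jdoe:x:1000:1000:John Doe,Room 12,555-0100:/home/jdoe:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
"""
SHADOW = """\
root:$6$PLACEHOLDERSALT$PLACEHOLDERHASH:19900:0:99999:7:::
jdoe:$6$PLACEHOLDERSALT$PLACEHOLDERHASH2:19900:0:99999:7:::
daemon:*:19900:0:99999:7:::
"""


def unshadow(passwd_text, shadow_text):
    """Replace the 'x' password field of each passwd line with the shadow hash.

    Output lines keep the GECOS field (field 5), which is the whole point of
    feeding the combined file to john instead of the shadow file alone.
    """
    hashes = {}
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        user, hash_field, *_ = line.split(":")
        hashes[user] = hash_field
    merged = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) < 7:
            continue                     # malformed line, skip it
        fields[1] = hashes.get(fields[0], fields[1])
        merged.append(":".join(fields))
    return merged


def crackable(lines):
    """Keep only accounts that actually carry a hash (drop locked/empty ones)."""
    keep = []
    for line in lines:
        h = line.split(":")[1]
        if h and h != "x" and not h.startswith(("*", "!")):
            keep.append(line)
    return keep


def gecos_candidates(line):
    """Simplified single-crack-style guesses from the login name and GECOS words."""
    fields = line.split(":")
    user, gecos = fields[0], fields[4]
    words = [user] + [w for part in gecos.split(",") for w in part.split()]
    cands = {}
    for w in words:
        for v in (w, w.lower(), w.capitalize(), w.lower()[::-1], w.lower() + "1"):
            cands[v] = None
    return list(cands)


if __name__ == "__main__":
    merged = unshadow(PASSWD, SHADOW)
    for line in crackable(merged):
        print(line)
        print("  guesses:", ", ".join(gecos_candidates(line)))
```

The daemon account drops out because its shadow field is "*", which is exactly why a combined file from a real system usually has far fewer crackable lines than passwd entries. Note that a real single-crack run also mangles these seeds with its own rule set; the five variants per word above are only an illustration.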

These values are fed into John the Ripper to crack in Figure 4. We specified wordlist mode and instructed it to use rockyou.txt, one of the built-in wordlists that comes by default with most security-focused Linux distributions. Note that you may need to extract the text file first. The passwords were set to weak values -- dictionary words in all cases -- to enable the cracking to complete quickly. These two examples demonstrate the most universally applicable and most basic usage of John the Ripper. For more advanced usage, you may need to get a little creative. Sometimes, the format of stored password values you can obtain are not in one of the formats supported by John out of the box. With a few clever modifications, however, you can convert to one of those with a little research.

The screenshot below demonstrates how John the Ripper was able to detect the password hash from the rockyou.txt wordlist. When employing a dictionary-based attack with a wordlist, we can only be successful if the password exists in the wordlist. Since this is a super easy one we did not need any other wordlist to recover the password.

When you are telling john to use formats, if you're dealing with a standard hash type, e.g. md5 as in the example above, you have to prefix it with raw- to tell john you're just dealing with a standard hash type, though this doesn't always apply. To check if you need to add the prefix or not, you can list all of John's formats using john --list=formats and either check manually, or grep for your hash type using something like john --list=formats | grep -iF "md5".
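As an added example of the raw- prefix question (not code from the post or from JtR), the snippet below pairs a shape-based guess of the likely JtR format name with a small parser for the comma-separated, line-wrapped listing that john --list=formats prints. The format names (raw-md5, md5crypt, sha512crypt, bcrypt, ...) are real JtR names; the shape-to-format mapping is our own heuristic, not JtR's detection logic, and the listing excerpt is constructed in the shape of that output rather than copied from a particular John build.

```python
"""Which JtR format name should I pass? (added example)"""
import re


def suggest_format(h):
    """Guess a JtR format name from the hash's shape; None if unrecognised.

    Modular-crypt strings carry their own $id$ prefix and use the *crypt names;
    bare hex digests are the 'standard hash types' that need the raw- prefix.
    """
    h = h.strip()
    if h.startswith("$1$"):
        return "md5crypt"
    if h.startswith("$5$"):
        return "sha256crypt"
    if h.startswith("$6$"):
        return "sha512crypt"
    if h.startswith(("$2a$", "$2b$", "$2y$")):
        return "bcrypt"
    if re.fullmatch(r"[0-9a-fA-F]{32}", h):
        return "raw-md5"
    if re.fullmatch(r"[0-9a-fA-F]{40}", h):
        return "raw-sha1"
    if re.fullmatch(r"[0-9a-fA-F]{64}", h):
        return "raw-sha256"
    return None


# Constructed excerpt in the shape of `john --list=formats` output.
FORMATS_LISTING = """\
descrypt, bsdicrypt, md5crypt, bcrypt, scrypt, LM, AFS, tripcode,
Raw-MD4, Raw-MD5, Raw-MD5u, Raw-SHA1, Raw-SHA224, Raw-SHA256, Raw-SHA384,
Raw-SHA512, crypt, sha256crypt, sha512crypt, ...
"""


def list_formats(listing):
    """Split the wrapped, comma-separated listing into individual format names."""
    names = [f.strip() for f in listing.replace("\n", " ").split(",")]
    return [n for n in names if n and n != "..."]


def grep_formats(listing, needle):
    """Case-insensitive fixed-string match, like `john --list=formats | grep -iF needle`."""
    return [f for f in list_formats(listing) if needle.lower() in f.lower()]


def format_available(listing, name):
    """JtR format names are matched case-insensitively on the command line."""
    return name.lower() in (f.lower() for f in list_formats(listing))


if __name__ == "__main__":
    for sample in ("0123456789abcdef0123456789abcdef",   # constructed 32-hex value
                   "$1$saltsalt$PLACEHOLDERHASH",          # constructed md5crypt shape
                   "$6$saltsalt$PLACEHOLDERHASH"):         # constructed sha512crypt shape
        fmt = suggest_format(sample)
        print(f"{sample[:20]:20} -> {fmt} (listed: {format_available(FORMATS_LISTING, fmt)})")
    print("formats mentioning md5:", grep_formats(FORMATS_LISTING, "md5"))
```

The grep shows why the prefix matters: both md5crypt and Raw-MD5 mention md5, but only the bare 32-hex digest is the raw- one; a $1$ string is md5crypt even though it is built on MD5.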
