John The Ripper TryHackMe Writeup

Shamsher khan
6 min read · May 21, 2021

By Shamsher khan. This is a writeup of the TryHackMe room “John The Ripper” by its creator, PoloMints.

https://tryhackme.com/room/johntheripper0

Task 2: Setting up John the Ripper

Question: What is the most popular extended version of John the Ripper?

Answer: Jumbo John

Task 3: Wordlists

Question: What website was the rockyou.txt wordlist created from a breach on?

Answer: rockyou.com

Task 4: Cracking Basic Hashes

The tool we use is hash-identifier. It is already installed in Kali Linux.

python3 hash-identifier.py

For the practical we need to download “firsttaskhashes.zip”.

Then we unzip the file.

Question: What type of hash is hash1.txt?

Copy the hash from hash1.txt.

Use the hash-identifier tool to analyze the hash format.

hash-identifier shows us that it is possibly an MD5 hash.

Answer: MD5

Question 2: What is the cracked value of hash1.txt?

Answer: biscuit

Question 3: What type of hash is hash2.txt?

Repeat the process for hash2.txt

Possible hashes found: SHA-1 or SHA1.

Answer: SHA1

Question: What is the cracked value of hash2.txt?

Answer: kangeroo

Question: What type of hash is hash3.txt?

Possible hashes found: SHA-256 or SHA256 or Haval256.

Answer: SHA256

Question: What is the cracked value of hash3.txt?

Answer: microphone

Question: What type of hash is hash4.txt?

Possible hashes found: SHA-512 or SHA512 or Whirlpool.

Answer: Whirlpool

Question: What is the cracked value of hash4.txt?

Answer: colossal

Task 5: Cracking Windows Authentication Hashes

This section is about cracking Windows hashes and NTHash / NTLM

Question: What do we need to set the “format” flag to, in order to crack this?

Answer: NT

Question: What is the cracked value of this password?

Download the file from the section; here we use --format=nt.

Answer: mushroom

Task 6: Cracking /etc/shadow Hashes

This section is about cracking /etc/shadow or Linux user password hashes

Question: What is the root password?

We use --format=sha512crypt because sha512crypt hashes start with $6$.

We can check this by using “hashcat --help”.

Answer: 1234
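Why hash-identifier could only offer candidates in Task 4, while the $6$ prefix in Task 6 settles the format, shown as an added Python example (not part of the original writeup or the room). The function names are illustrative and the shadow entry is constructed with a placeholder salt and hash body.

```python
import hashlib

# A bare hex digest has no type marker; its length only narrows the candidates.
HEX_LENGTH_CANDIDATES = {
    32: ["MD5", "NT"],
    40: ["SHA1"],
    64: ["SHA256", "Haval256"],
    128: ["SHA512", "Whirlpool"],
}

# Modular-crypt identifiers found in the second field of /etc/shadow.
CRYPT_IDS = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
             "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "yescrypt"}

# Constructed sample entry: placeholder salt and hash body, not a real hash.
SAMPLE_SHADOW = "root:$6$EXAMPLESALT$" + "x" * 86 + ":18000:0:99999:7:::"


def identify_raw(digest):
    """Return the candidate types for a bare hex digest ([] if none fit)."""
    h = digest.strip().lower()
    if not h or any(c not in "0123456789abcdef" for c in h):
        return []
    return HEX_LENGTH_CANDIDATES.get(len(h), [])


def identify_shadow(line):
    """Return (user, scheme) for one /etc/shadow line."""
    fields = line.rstrip("\n").split(":")
    if len(fields) < 2:
        raise ValueError("not a shadow entry")
    # A leading '!' marks a locked account; the hash may still follow it.
    user, pw = fields[0], fields[1].lstrip("!")
    if pw in ("", "*"):
        return user, "no-password-hash"
    if not pw.startswith("$"):
        return user, "unknown-or-legacy"
    return user, CRYPT_IDS.get(pw.split("$")[1], "unknown")


if __name__ == "__main__":
    # Shape alone cannot separate SHA-512 from Whirlpool, or MD5 from NT:
    # both words are hashed here with hashlib only to produce that shape.
    for word, algo in (("biscuit", "md5"), ("colossal", "sha512")):
        digest = hashlib.new(algo, word.encode()).hexdigest()
        print(algo, len(digest), identify_raw(digest))
    print(identify_shadow(SAMPLE_SHADOW))
```
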

Task 7: Single Crack Mode

In this mode we don’t need a wordlist, but we do need to pass the flags “--single” and “--format”.

Question: What is Joker’s password?

Download the file from this section and find the hash format.

Possible hash found: MD5. Now add the word “joker” before the hash.

Answer: Jok3r

Task 8: Custom Rules

In this section we learn about custom rules for John. Jumbo John already comes with a large list of custom rules, which contain modifiers for use in almost all cases. If you get stuck, try looking at those rules [around line 678] if your syntax isn’t working properly.

The way we use custom rules in John is like this:

john --wordlist=[path to wordlist] --rule=PoloPassword [path to file]

Question 1 : What do custom rules allow us to exploit?

Answer: Password complexity predictability

Question 2: What rule would we use to add all capital letters to the end of the word?

Hint: https://www.openwall.com/john/doc/RULES.shtml

Note: Do not copy and paste this answer; type it yourself.

Answer: Az"[A-Z]"

Question 3: What flag would we use to call a custom rule called “THMRules”?

Answer: --rule=THMRules
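What the rule Az"[A-Z]" from Question 2 expands to, and how to check whether a password falls inside that predictable set, shown as an added Python example (not John's own code and not part of the original writeup). It models only the bracket preprocessor and the append command; the base words and function names are constructed for illustration.

```python
import itertools
import re


def expand_preprocessor(rule):
    """Expand [..] classes (with A-Z style ranges) into concrete rules."""
    choices = []
    for part in re.split(r"(\[[^\]]+\])", rule):
        if not (part.startswith("[") and part.endswith("]")):
            choices.append([part])  # literal text between classes
            continue
        body, chars, i = part[1:-1], [], 0
        while i < len(body):
            if i + 2 < len(body) and body[i + 1] == "-":
                # Range such as A-Z: include both endpoints.
                chars += [chr(c) for c in range(ord(body[i]), ord(body[i + 2]) + 1)]
                i += 3
            else:
                chars.append(body[i])
                i += 1
        choices.append(chars)
    return ["".join(combo) for combo in itertools.product(*choices)]


def apply_rule(word, rule):
    """Apply one concrete rule; only the append command Az"STR" is modelled."""
    m = re.fullmatch(r'Az"(.*)"', rule)
    if m is None:
        raise ValueError("unsupported rule: " + rule)
    return word + m.group(1)


def candidates(words, rule):
    """Every candidate the rule produces from the given base words."""
    return {apply_rule(w, r) for w in words for r in expand_preprocessor(rule)}


def is_predictable(password, words, rule):
    """True if the password is just a base word mangled by the rule."""
    return password in candidates(words, rule)


# Constructed base words for the demonstration.
BASE_WORDS = ["tryhackme", "polomints"]

if __name__ == "__main__":
    rule = 'Az"[A-Z]"'
    print(len(expand_preprocessor(rule)), "concrete rules")
    print(len(candidates(BASE_WORDS, rule)), "candidates")
    print(is_predictable("tryhackmeQ", BASE_WORDS, rule))
    print(is_predictable("tryhackmeq", BASE_WORDS, rule))
```
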

Task 9: Cracking Password Protected Zip File

In this section we learn how to crack a password-protected Zip file.

For this task we use the zip2john tool, if you have already installed john. Or you can locate it and copy zip2john to your folder.

Question: What is the password for the secure.zip file?

First we need to extract the hash from the file secure.zip into a secure.txt file, so we run zip2john. Now the hash is in secure.txt.

To crack the hash we use the rockyou wordlist.

This is the password for secure.zip:

Answer: pass123

Question 2: What is the contents of the flag inside the zip file?

Now unzip the file secure.zip; it asks for a password. Use pass123.

Task 10: Cracking Password Protected RAR File

In this section we learn how to crack a password-protected RAR file.

For this task we use the rar2john tool, if you have already installed john. Or you can locate it and copy rar2john to your folder.

Question 1: What is the password for the secure.rar file?

First we need to extract the hash from the file secure.rar into a secure.txt file, so we run rar2john. Now the hash is in secure.txt.

This is the password for secure.rar. Now extract the file from secure.rar; for this, use unrar e secure.rar. If it asks for a password, use “password”.

Answer: password

Task 10: Cracking SSH Keys with John

This section is about cracking SSH keys with John. For this, we first use ssh2john to extract the hash from the id_rsa file.

locate ssh2john

Question 1: What is the SSH private key password?

Answer: mango

Please follow me. This room is for beginners who don’t know how to crack hashes.

Written by Shamsher khan

https://tryhackme.com/p/Shamsher
