JOHN THE RIPPER

Auditing & Recovery

John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems. John the Ripper jumbo supports hundreds of hash and cipher types, including for: user passwords of Unix flavors (Linux, *BSD, Solaris, AIX, QNX, etc.), macOS, Windows, "web apps" (e.g., WordPress), groupware (e.g., Notes/Domino), and database servers (SQL, LDAP, etc.); network traffic captures (Windows network authentication, WiFi WPA-PSK, etc.); encrypted private keys (SSH, GnuPG, cryptocurrency wallets, etc.), filesystems and disks (macOS .dmg files and "sparse bundles", Windows BitLocker, etc.), archives (ZIP, RAR, 7z), and document files (PDF, Microsoft Office's, etc.). These are just some of the examples - there are many more.


DOWNLOADS

SYSTEM REQUIREMENTS

RAM : Minimum 1 GB (depends on the size of the password list and hash types).

Storage : Minimum 200 MB of device storage.

OS : Linux, macOS, Windows, and Unix.

Architecture : Supports both 32-bit and 64-bit architectures.

Available On : PC


ADDITIONAL INFORMATION

Published By

Openwall Project.

Release Date

1996

Approximate Size

77.63 MB

Publisher Info

Openwall is known for its security-focused software.

Supported Languages

English

Last Update

February 26, 2024

Version 1.9.0-jumbo-1.

Programming Language

Written in C.

Operating System

Cross-platform

License

Open Source under the GNU General Public License (GPL).

This tool provides the following four modes :

  1. Single crack : This mode can be helpful when a user has set a password for an account based on commonly available information or a phrase in the username (e.g., admin: admin888).
  2. Wordlist : This mode is used by the dictionary attack method.
  3. Incremental : This mode is used by the brute-force method.
  4. External : This is an optional mode. In this mode, John the Ripper may use program code to generate words.

  1. Dictionary attack : In this type of attack, the tool tries passwords from a pre-fed list containing a large number of words, phrases and possible passwords derived from previously leaked data dumps or breaches. The tool enters every single password from the list into the application in an attempt to find the correct one.
  2. Brute-force attack : In this type of attack, the tool asks the user to configure a few settings, for example, the minimum and maximum lengths the correct password may fall into, what types of characters it could possibly consist of (e.g., letters only, letters and numbers, or special characters), and at what positions (say, for every password it generates, the first four characters would be letters, followed by two digits and two special characters).
  3. Rainbow tables : Because mission-critical and security-oriented applications seldom store passwords in plaintext and instead store their fixed-length hashes, rainbow tables can be efficient especially if a large list of hashed passwords is available (for example, from a leaked data dump).

  • Password Auditing : Helps identify weak or commonly used passwords to improve security.
  • Penetration Testing : Used by ethical hackers to test the robustness of passwords and uncover vulnerabilities.
  • Multi-Platform Support : Works across various operating systems and supports multiple encryption algorithms.
  • Cracking Password Hashes : Can recover lost passwords and assess security by breaking hashed passwords.
  • Dictionary & Brute Force Attacks : Uses predefined wordlists or systematically tries all possible combinations to crack passwords.
  • Customization : Allows users to define their own cracking rules and algorithms for more efficient password recovery.

John the Ripper is a versatile password-cracking tool often used in penetration testing and security assessments. Here are some examples of its usage :

Basic Commands
  1. Cracking Passwords with a Wordlist : john --wordlist=wordlist.txt hashes.txt
     This command uses a specified wordlist (wordlist.txt) to crack the password hashes in hashes.txt.

  2. Identifying Hash Types : john --list=formats
     Displays all supported hash formats, helping you identify the correct format for your target.

  3. Using a Specific Hash Format : john --format=raw-md5 hashes.txt
     Specifies the hash format (e.g., raw-md5) for cracking.

  4. Resuming a Cracking Session : john --restore
     Resumes a previously interrupted cracking session.

  5. Showing Cracked Passwords : john --show hashes.txt
     Displays the passwords that have already been cracked.

Advanced Examples
  1. Incremental Mode (Brute Force) : john --incremental hashes.txt
     Attempts all possible character combinations to crack the password.

  2. Cracking ZIP File Passwords :
    • zip2john file.zip > ziphash.txt
    • john ziphash.txt
     Extracts the hash from a ZIP file and cracks it.

  3. Merging Shadow and Passwd Files :
    • unshadow /etc/passwd /etc/shadow > mypasswd
    • john mypasswd
     Combines /etc/passwd and /etc/shadow files for cracking Linux system passwords.
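
An added example (not from the original page or from the John the Ripper project): after an authorized audit with unshadow and john, this Python script parses `john --show` output into a report that lists the affected accounts without reproducing the recovered passwords, and flags passwords derived from the login name or GECOS field, the pattern single crack mode targets. The sample output is constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of `john --show mypasswd` output for an unshadow-style
# file (user:password:uid:gid:gecos:home:shell). These are not real accounts.
SAMPLE_SHOW_OUTPUT = """\
admin:admin888:1000:1000:Admin User:/home/admin:/bin/bash
backup:a:b:c1:1001:1001::/home/backup:/bin/sh
jsmith:Summer2024:1002:1002:John Smith:/home/jsmith:/bin/bash

3 password hashes cracked, 2 left
"""

SUMMARY_RE = re.compile(r"^(\d+) password hash(?:es)? cracked, (\d+) left$")


def derived_from_identity(user, gecos, password):
    """True if the password contains the login name or a GECOS word (3+ chars)."""
    tokens = [user] + re.split(r"[\s,]+", gecos)
    lowered = password.lower()
    return any(len(t) >= 3 and t.lower() in lowered for t in tokens)


def parse_show_output(text):
    """Return (findings, summary); findings never include the password itself."""
    findings, summary = [], None
    for line in text.splitlines():
        match = SUMMARY_RE.match(line)
        if match:
            summary = {"cracked": int(match.group(1)), "left": int(match.group(2))}
            continue
        user, _, rest = line.partition(":")
        # passwd fields cannot contain ':', but a password can, so take the
        # five trailing fields from the right and keep the remainder whole.
        parts = rest.rsplit(":", 5)
        if len(parts) != 6 or not parts[1].isdigit():
            continue  # blank line or not an unshadow-style record
        password, uid, _gid, gecos, _home, _shell = parts
        findings.append({
            "user": user,
            "uid": int(uid),
            "length": len(password),
            "identity_derived": derived_from_identity(user, gecos, password),
        })
    return findings, summary


if __name__ == "__main__":
    report, totals = parse_show_output(SAMPLE_SHOW_OUTPUT)
    for row in report:
        print(row)
    print(totals)
```
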

  • john-data
  • libc6
  • libcrypt1
  • libgmp10
  • libgomp1
  • libpcap0.8
  • libssl3
  • zlib1g

Terminal Installation Commands ...

$ sudo apt-get install john -y

$ sudo apt install snapd

$ sudo snap install john-the-rip


GUI Installation Steps ...
Linux
  1. Linux users need to build Johnny from source since binaries are not provided.
  2. Clone the repository : git clone https://github.com/openwall/johnny.git
  3. Navigate to the directory : cd johnny
  4. Follow the installation instructions provided here.
Windows
  1. Download the latest Johnny binary for Windows from here.
  2. Extract the downloaded ZIP file.
  3. Run the johnny.exe file to start the application.
MacOS
  1. Download the latest Johnny binary for MacOS from here.
  2. Extract the ZIP file.
  3. Open the extracted folder and run johnny.app.

Terminal Uninstallation Commands ...

$ sudo apt-get remove john

$ sudo apt autoclean && sudo apt autoremove


GUI Uninstallation Steps ...
Linux
  1. If installed via package manager, use :

    $ sudo apt remove johnny # Debian-based

    $ sudo yum remove johnny # RedHat-based

  2. If built from source, manually delete the compiled files.
Windows
  1. Locate the folder where Johnny was extracted.
  2. Delete the entire folder containing johnny.exe.
  3. If you created any configuration files, remove them from : C:\Users\YourUsername\AppData\Local\Johnny
  4. Empty the Recycle Bin to fully remove the files.
MacOS
  1. Open Finder and navigate to the folder containing Johnny.
  2. Drag the Johnny.app file to the Trash.
  3. Remove additional configuration files by deleting : ~/Library/Application Support/Johnny
  4. Empty the Trash to complete the uninstallation.

Copyright © 2025 HACKERSPOT

All original content, including tools, software, and other information, is protected by copyright and remains the property of its respective owners.
