This is the write-up for the John The Ripper room on TryHackMe, which is part of the complete beginners path.
Connect over the VPN or use the AttackBox on the TryHackMe site to reach the TryHackMe lab environment.
Tasks John The Ripper
Task 1
Read everything in the task and press Complete.
Task 2
2.1 What is the most popular extended version of John the Ripper?
The answer is in the text but you have to look carefully.
Answer: Jumbo John
Task 3
What website was the rockyou.txt wordlist created from a breach on?
Answer: rockyou.com
Task 4
Download the file attached to this task
4.1 What type of hash is hash1.txt?
Open the file and copy the hash. Go to Hash Type Identifier – Identify unknown hashes and identify the hash
Answer: MD5
4.2 What is the cracked value of hash1.txt?
Type in the following command and the answer will reveal itself
john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hash1.txt
4.3 What type of hash is hash2.txt?
Copy the hash inside the text file and navigate to Hash Type Identifier – Identify unknown hashes
Answer: Sha1
4.4 What is the cracked value of hash2.txt
To find the correct syntax for the command type in
john --list=formats | grep -iF "sha1"
Type in the following command and the answer will reveal itself
john --format=raw-sha1 --wordlist=/usr/share/wordlists/rockyou.txt hash2.txt
4.5 What type of hash is hash3.txt?
Copy the hash inside the text file and navigate to Hash Type Identifier – Identify unknown hashes
Answer: sha256
4.6 What is the cracked value of hash3.txt
To find the correct syntax for the command type in
john --list=formats | grep -iF "sha256"
Type in the following command and the answer will reveal itself
john --format=raw-sha256 --wordlist=/usr/share/wordlists/rockyou.txt hash3.txt
4.7 What type of hash is hash4.txt?
Copy the hash inside the text file and navigate to Hash Type Identifier – Identify unknown hashes
Answer: Whirlpool
4.8 What is the cracked value of hash4.txt?
To find the correct syntax for the command type in
john --list=formats | grep -iF "whirlpool"
Type in the following command and the answer will reveal itself
john --format=whirlpool --wordlist=/usr/share/wordlists/rockyou.txt hash4.txt
Task 5
5.1 What do we need to set the “format” flag to, in order to crack this?
To find the correct syntax for the command type in
john --list=formats | grep -iF "ntlm"
Answer: NT
5.2 What is the cracked value of this password?
Type in the following command and the answer will reveal itself
john --format=nt --wordlist=/usr/share/wordlists/rockyou.txt ntlm.txt
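The identification step from Tasks 4 and 5 can also be done locally by looking at the length of the hash. The script below is an added example, not part of the original write-up: the function names and sample hashes are constructed, and the table only covers the formats used on this page. It shows why Task 5 needs an explicit --format value: an MD5 hash and an NT hash are both 32 hex characters long.

```bash
#!/usr/bin/env bash
# Added example: list candidate john --format values for a bare hash string.
# Length alone is ambiguous, so the result is a list of candidates, not a verdict.

# Print space-separated candidate formats for one hash; return 1 when the
# input is neither raw hex nor a prefix this small table knows.
john_format_candidates() {
    local h
    case "$1" in
        '$6$'*) echo "sha512crypt"; return 0 ;;   # crypt(3) SHA-512, as in Task 6
    esac
    # Normalise: drop whitespace, lower-case the hex digits.
    h=$(printf '%s' "$1" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    case "$h" in
        ''|*[!0-9a-f]*) echo "not-raw-hex"; return 1 ;;
    esac
    case "${#h}" in
        32)  echo "raw-md5 nt" ;;             # both are 128-bit digests
        40)  echo "raw-sha1" ;;
        64)  echo "raw-sha256" ;;
        128) echo "raw-sha512 whirlpool" ;;   # both are 512-bit digests
        *)   echo "unknown"; return 1 ;;
    esac
}

# Classify every non-empty line of a file that holds one hash per line.
classify_file() {
    local line
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        printf '%s -> %s\n' "$line" "$(john_format_candidates "$line")"
    done < "$1"
}

# Constructed samples: MD5, SHA-1 and SHA-256 digests of the empty string.
for sample in \
    d41d8cd98f00b204e9800998ecf8427e \
    da39a3ee5e6b4b0d3255bfef95601890afd80709 \
    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
do
    printf '%s -> %s\n' "$sample" "$(john_format_candidates "$sample")"
done
```

Run classify_file hash1.txt to check a downloaded task file; when more than one candidate is listed, the context the hash came from decides which --format to pass.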
Task 6
6.1 What is the root password?
Type in the following command so the answer can reveal itself
john --wordlist=/usr/share/wordlists/rockyou.txt --format=sha512crypt etchashes.txt
Task 7
7.1 What is Joker’s password?
First we need to identify the hash in the hash7.txt file. Copy the hash, navigate to Hash Type Identifier – Identify unknown hashes and identify it. We see it is an MD5 hash. For single crack mode to work, open hash7.txt and add Joker: to the beginning of the hash, because single crack mode builds its password candidates from the username. Then type in the following command so the answer can reveal itself
john --single --format=raw-md5 hash7.txt
Task 8
8.1 What do custom rules allow us to exploit?
Answer: Password complexity predictability
8.2 What rule would we use to add all capital letters to the end of the word?
To find this we need to take a look at the rules documented at John the Ripper – wordlist rules syntax (openwall.com)
Answer: Az"[A-Z]"
8.3 What flag would we use to call a custom rule called “THMRules”
Answer: -rule=THMRules
Task 9
9.1 What is the password for the secure.zip file?
First we need to convert it to a hash John the Ripper can understand. Type in the following command:
zip2john secure.zip > zip_hash.txt
Then crack the password with John the Ripper. To get the answer revealed just type the following command
john --wordlist=/usr/share/wordlists/rockyou.txt zip_hash.txt
9.2 What is the contents of the flag inside the zip file?
Unpack the zip by using the password found in the previous questions
Task 10
10.1 What is the password for the secure.rar file?
First we need to convert it to a hash John the Ripper can understand. Type in the following command:
rar2john secure.rar > rar_hash.txt
Then crack the password with John the Ripper. To get the answer revealed just type the following command
john --wordlist=/usr/share/wordlists/rockyou.txt rar_hash.txt
10.2 What is the contents of the flag inside the zip file?
Unpack the rar by using the password found in the previous questions
Task 11
11.1 What is the SSH private key password?
This one is a little bit different as we need to find ssh2john.py on the system. Type in locate ssh2john to get the path. Then copy it to the location where the key file is.
cp /usr/share/john/ssh2john.py <path to file>
Now we need to convert the keys to a readable hash by typing
python ssh2john.py idrsa.id_rsa > id.txt
And cracking it by typing
john --wordlist=/usr/share/wordlists/rockyou.txt id.txt
Now you have the answer to the question