John The Ripper

 






Introduction

John the Ripper is a popular open-source password cracking tool. It is commonly used to perform dictionary attacks on password hashes in order to recover the original plaintext passwords. It can also be used to perform a variety of other password cracking tasks, such as cracking password hashes generated by the Windows operating system and cracking password-protected ZIP and RAR files. It is available for several operating systems, including Windows, Linux, and macOS.


Background Information

John the Ripper 1.0 was released in 1996 as a drop-in replacement for Cracker Jack under DOS.  It was built with DJGPP, requiring 386+ and optimized for the original Pentium and to a lesser extent for 486.  This also explains the john.pot filename - obviously, it was jack.pot in Cracker Jack.  The functionality of John the Ripper 1.0 was comparable to Cracker Jack's, but extended in a number of ways: there were wordlist rules compatible with Crack's, and the "single crack" mode (name originating from Cracker Jack) was entirely re-designed (IIRC, in Cracker Jack using this mode involved running a separate program before starting the main cracker program).  There was incremental mode (using frequency-sorted lists of characters), which wasn't present in Cracker Jack at all (nor in any other cracker available at the time that I know of).  Cracker Jack appeared unmaintained since 1993 by that time, lacking optimizations for x86 CPUs newer than 386 - it ran very well on 386 (in many cases faster than John the Ripper, in fact), but poorly on 486 and especially on the original Pentium.  John the Ripper 1.0 solved that, and more.  Cracker Jack was closed source, and no code from it was reused.



Installation Manual of the Tools

John the Ripper can be installed on various operating systems, including Windows, Linux, and macOS. On Windows, users can download the pre-compiled binary executable from the official website, https://www.openwall.com/john/, and run it. On Linux, users can install the "john" package with a package manager such as apt or yum. On macOS, users can install it with Homebrew.


Install John the Ripper via Windows


Install John the Ripper via Linux


Install John the Ripper via MacOS

Alternatively, you can also build John the Ripper from source code. The official website provides instructions for building the software on various platforms, including Linux, macOS, and Windows.


Demo Manual (How to use it?)

First, extract all the files from the zip file of the pre-compiled John the Ripper binary executable. Then, put the extracted folder on the system drive and rename it to “john”.


Extracted file from pre-compiled binary executable


Put extracted file to system drive and rename it

The user also needs to create a password-protected zip file to show how John the Ripper works.


Next, open a command prompt and change to the program's directory (C:\john\run).


After that, run the application that matches the file type: “zip2john.exe” for a zip file or “rar2john.exe” for a rar file. This application fetches the encryption data (the password hash) from the protected file.


Finally, the user can execute the “john.exe” application on the “hash.txt” file stored in the previous step to recover the password of the protected file.


Password for the protected file



The result of the John the Ripper password on the protected file
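
The steps above as a single Command Prompt batch file, useful for checking whether the password on a test archive you created holds up against John's default modes. This is an added example, not part of the original post; it assumes John was extracted to C:\john as described, and the script's argument handling and variable names are illustrative.

```bat
@echo off
rem Added example, not from the original post.
rem Assumptions: John is extracted to C:\john (as in the steps above) and the
rem archive passed as %1 is a test file you created and password-protected.
setlocal

set "JOHN_RUN=C:\john\run"
set "ARCHIVE=%~f1"

if "%~1"=="" (
    echo Usage: %~nx0 path\to\archive.zip
    exit /b 1
)
if not exist "%ARCHIVE%" (
    echo Archive not found: %ARCHIVE%
    exit /b 1
)

rem Pick the converter that matches the file type.
set "CONVERTER="
if /i "%~x1"==".zip" set "CONVERTER=zip2john.exe"
if /i "%~x1"==".rar" set "CONVERTER=rar2john.exe"
if not defined CONVERTER (
    echo Unsupported file type: %~x1
    exit /b 1
)

cd /d "%JOHN_RUN%" || exit /b 1

rem Extract the password hash from the archive into hash.txt.
%CONVERTER% "%ARCHIVE%" > hash.txt

rem An empty hash.txt means nothing was extracted (for example, the archive
rem is not password-protected), so there is nothing for John to work on.
for %%F in (hash.txt) do if %%~zF EQU 0 (
    echo No hash extracted from %ARCHIVE%
    exit /b 1
)

rem With no mode given, John runs its default order of cracking modes.
john.exe hash.txt

rem Print any password John has recovered for the hashes in hash.txt.
john.exe --show hash.txt
```

If the last command prints the password after a short run, the archive password is too weak to rely on and should be replaced with a longer, non-dictionary passphrase.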


Analysis on Confidentiality, Integrity and Availability


Security Services

Details

Confidentiality

To run John, password files need to be supplied, and a cracking mode can optionally be specified; otherwise John uses the default order of modes, assuming that "passwd" is a copy of the password file.

 

Integrity

The data cannot be modified unless the user enters the password for the encrypted file.

 

Availability

John the Ripper is a fast password cracker, currently available for many flavors of Unix, macOS, Windows, DOS, BeOS, and OpenVMS (the latter requires a contributed patch).

 

