John-the-Ripper & Hashcat: Password-Cracking 101

Is your password policy truly as strong as you think? There's only one sure way to find out—by testing it! In the world of penetration testing, password cracking is an essential skill for uncovering weak credentials and assessing overall security. This walkthrough will guide you through the use of two powerful password-cracking tools, John the Ripper and Hashcat, and how to leverage them with wordlists generated by CeWL, a tool that scrapes websites for likely passwords. We'll explore how to gather targeted wordlists, feed them into cracking tools, and ultimately test the strength of your password policies.

John the Ripper

A versatile password cracking tool for identifying weak passwords in various encrypted formats.

Hashcat

A powerful, GPU-accelerated password cracker that supports a wide range of hashing algorithms. Where the rubber meets the road (but mostly if you have the GPU to harness the power).

CeWL

A web scraper tool that generates custom wordlists by crawling websites for potential password phrases.

Setting Up

Kali or Parrot

If you are running Kali Linux or Parrot Sec OS, you may not need to install much, but check to ensure you're running the latest versions.

Installing John the Ripper

sudo apt install john

Installing Hashcat

sudo apt install hashcat

Installing CeWL

sudo apt install cewl

Generating Wordlists with CeWL

CeWL can be used to scrape specific websites to generate wordlists tailored to the target environment. This is especially useful in scenarios where passwords are based on a particular context, such as company names, locations, or terminology found on their website.

A Wordlist from a Website

cewl https://example.com -w custom_wordlist.txt

Explanation

• https://example.com: The target website.
• -w custom_wordlist.txt: Specifies the output file for the wordlist.

You can extend the functionality with deeper scrapes or by collecting email addresses:

cewl -d 2 --email https://example.com -w custom_wordlist.txt

Explanation

• -d 2: Scrapes two layers deep into the site.
• --email: Also gathers email addresses, which could be useful for targeted attacks like phishing.

Cracking Passwords with John-the-Ripper

John the Ripper is versatile and has several useful options for expanding password cracking techniques. A great feature is the use of --rules, which modifies wordlist entries to test different variations of words, making password cracking more efficient without needing huge wordlists.

Identifying the Hash Type

1. DES crypt: $1$O3JMY.Tw$AdLnLjQ/5jXF9.MTp3gHv/

   • Hash type: DES crypt
   • Hash encoding: rEK1ecacw.7.c
   • Plaintext: password
   • Supported in JtR: yes

2. BSDI crypt: _J9..K0AyUubDrfOgO4s Hash type: BSDI crypt Hash encoding: N/A Plaintext: password Supported in JtR: yes

3. bigcrypt: qiyh4XPJGsOZ2MEAyLkfWqeQ Hash type: bigcrypt Hash encoding: N/A Plaintext: passphrase Supported in JtR: yes
4. MD5 crypt: $1$O3JMY.Tw$AdLnLjQ/5jXF9.MTp3gHv/ Hash type: MD5 crypt Hash encoding: $1$... Plaintext: password Supported in JtR: yes
5. SHA-256 crypt: $5$MnfsQ4iN$ZMTppKN16y/tIsUYs/obHlhdP.Os80yXhTurpBMUbA5 Hash type: SHA-256 crypt Hash encoding: $5$... Plaintext: password rasmuslerdorf Supported in JtR: yes
6. bcrypt: $2a$05$bvIG6Nmid91Mu9RcmmWZfO5HJIMCT8riNW0hEp8f6/FuA2/mHZFpe Hash type: bcrypt Hash encoding: $2a$... Plaintext: password Supported in JtR: yes
7. LM: 855c3697d9979e78ac404c4ba2c66533 Hash type: LM Hash encoding: N/A Plaintext: passphrase Supported in JtR: yes
8. NTLM: $NT$7f8fe03093cc84b267b109625f6bbf4b Hash type: NTLM Hash encoding: $NT$... Plaintext: passphrase Supported in JtR: Pro or jumbo patch
9. Mac OS X salted SHA-1: 0E6A48F765D0FFFFF6247FA80D748E615F91DD0C7431E4D9 Hash type: Mac OS X salted SHA-1 Hash encoding: N/A Plaintext: macintosh Supported in JtR: Pro or jumbo patch
10. Oracle: 000EA4D72A142E29 EB026A76F0650F7B Hash type: Oracle Hash encoding: N/A Plaintext: #95LWEIGHTS CIAO2010 Supported in JtR: Jumbo patch needed
11. SAP: (Username$HASHCODE) See File SAP-pw-test-for-user-DDIC.zip Hash type: SAP Hash encoding: N/A Plaintext: DDIC Supported in JtR: Jumbo patch needed

Selecting the Right Rule

Rule Set	Intensity	Unique Features	Types of Transformations	Best For
Best64.rule	Low	Minimal, high-success transformations	Basic mutations, end/beginning numbers	Quick initial cracks; good first pass for basic passwords.
d3ad0ne.rule	Moderate	Focus on leet speak and keyboard pattern mutations	Leet substitutions, end/beginning numbers	Targeting passwords with leet speak or simple patterns (e.g., password123).
KoreLogic.rule	Moderate	Layered complexity; starts simple, progresses deeper	Basic to moderate mutations, growing complexity	Step-by-step approach, covering a range from simple to complex transformations progressively.
Dive.rule	High	Adds numbers to middle, supports deep insertions	Advanced placements, diverse modifications	Passwords with complex, unconventional formats or obscure symbol/number placements.
OneRuleToRuleThemAll	Very High	Covers nearly all possible character transformations	Comprehensive: numbers, symbols, extensive substitutions	Exhaustive exploration for highly resistant passwords; ideal when all else fails.
Jumbo.rule	Extreme	Most exhaustive; attempts nearly every mutation	Full brute-force transformations across all elements	Last-resort rule set, covering every transformation combination; very time-intensive.

Example: Cracking with Rules and a Wordlist

john --wordlist=/usr/share/wordlists/rockyou.txt --rules hashfile.txt

Explanation

• --wordlist: Specifies the wordlist.
• --rules: Applies the default password mutation rules (e.g., appending numbers or capitalizing the first letter).
• hashfile.txt: The file containing the password hashes.

Using Custom Rules

John comes with several pre-defined rulesets that expand on basic rules:

john --wordlist=custom_wordlist.txt --rules=Jumbo hashfile.txt

Explanation

• --rules=Jumbo: Uses the Jumbo ruleset, which applies more aggressive modifications to words (e.g., replacing letters with numbers).
• You can define custom rules based on what you know about a target's password policy.

Example: Cracking SHA-512 Crypt Passwords

This is commonly used in modern Linux systems:

john --format=sha512crypt --wordlist=custom_wordlist.txt hashfile.txt

Explanation

• --format=sha512crypt: Specifies that the password hash format is SHA-512 crypt.

Using Hashcat for the Heavy-lifting

Hashcat is highly effective for GPU-accelerated cracking and is particularly useful when dealing with larger datasets or more complex password policies. It supports advanced attacks like mask attacks, which allow you to define password patterns based on known policies.

Helpful in Finding Formats

Say you know the format of the hash is lesser-known - in this command, we're viewing all of the example hashes, but then pulling out the ones that include PDF with some lines before and after those hits for context.

hashcat --example-hashes | grep -i 'pdf' -B 8 -A 7

Cracking SHA-512 Crypt Passwords with Hashcat

hashcat -m 1800 -a 0 hashfile.txt /usr/share/wordlists/rockyou.txt

Explanation

• -m 1800: Specifies the SHA-512 crypt hash type (modern Linux systems).
• -a 0: Dictionary attack mode.
• hashfile.txt: File containing password hashes.
• /usr/share/wordlists/rockyou.txt: The wordlist used for the attack.

Using Masks Based on a Known Password Policy

Standard Password Policy Example

• Minimum length: 8 characters
• Maximum length: 16 characters
• Character requirements: - At least one uppercase letter - At least one lowercase letter - At least one digit - At least one special character While in this example we cannot guarantee each type of character is present, including only the necessary character types will help speed up the process.
  

  hashcat -m 1800 -a 3 hashfile.txt -1 ?u -2 ?l -3 ?d -4 ?s -5 ?u?l?d?s ?5?5?5?5?5?5?5?5?5?5?5?5?5?5?5?5 --increment --increment-min=8 --increment-max=16
  

Explanation

• ?5?5?5?5?5?5?5?5?5?5?5?5?5?5?5?5: This defines a mask of up to 16 positions, where each position uses the combined character set ?5, which includes all uppercase, lowercase, digits, and special characters.
• Length Control:
  • --increment: Ensures that the password lengths start from 8 characters and go up incrementally.
  • --increment-min=8: Starts testing with 8 characters.
  • --increment-max=16: Tests passwords up to 16 characters long.

Using Wordlists and Masks Together

If a password policy requires passwords to include both common words and patterns, you can combine a dictionary attack with a mask:

hashcat -m 1800 -a 6 hashfile.txt /usr/share/wordlists/rockyou.txt ?d?s

Explanation

• -a 6: Hybrid attack mode, combining dictionary words and mask patterns.
• ?d?s: The mask that requires a digit and special character to be appended to each word.

When to Use Which

John the Ripper is lightweight, simple, and ideal for cracking smaller sets of hashes or when you're working within a CPU-only environment. It excels at cracking hash types like SHA-512 crypt and NTLM, and using --rules expands its flexibility when dealing with unknown password policies.

Hashcat should be used for more intensive cracking operations, especially when dealing with large datasets or complex password policies. Its ability to leverage GPU acceleration makes it significantly faster for brute-force and mask attacks. Use it when you have specific information about a target's password policy and need to exploit predictable patterns.

When attacking a system in a real-world scenario, use CeWL to gather likely password candidates, John the Ripper with rules to crack common passwords quickly, and Hashcat for tackling more complex password policies by using masks and GPU acceleration. This multi-tool approach allows you to maximize your chances of finding weak credentials in a timely manner.