How to Crack The Given Dictionary Based Crypt Password
If you are a penetration tester or a security enthusiast, you may have run into a password that is stored as a crypt hash. crypt (the Unix crypt(3) function) is a one-way, salted password hash: it turns a plain text password plus a random salt into a hash string that is stored in a file such as /etc/shadow or in a database. The hash cannot be reversed; it can only be recomputed for a candidate password and compared. The crypt function can use different algorithms, such as the traditional DES-based scheme, MD5 ($1$), SHA-256 ($5$), SHA-512 ($6$), bcrypt ($2y$) and yescrypt ($y$), and the prefix of the hash string tells you which one was used.
One of the common methods to crack a crypt password is a dictionary attack: take a list of common passwords or words, hash each candidate and compare the result with the target hash. Because crypt hashes are salted, you cannot reuse a table of pre-computed hashes (a rainbow table); each candidate has to be hashed with the salt taken from the target hash. A dictionary attack is still very effective when the password is weak or based on a common word, since the cost is one hash computation per candidate.
In this article, we will show you how to crack a given dictionary based crypt password using a popular tool called John the Ripper. John the Ripper is a password cracking tool that supports hundreds of hash and cipher formats from Windows and Unix systems. One remarkable feature of John is that it can autodetect the hash format for common formats, including all the crypt variants above. This saves you a lot of time in researching hash formats and finding the correct tool to crack them.
John is also a dictionary-based tool: in wordlist mode it takes a list of candidate passwords and hashes each one for comparison with the hash in hand. A widely used list is rockyou.txt[^1^]. While you can use popular wordlists like RockYou, John also ships with its own wordlist (password.lst) of a few thousand common passwords, and if you give it no mode at all it runs single crack mode, then wordlist mode with that list and its mangling rules, then incremental (brute force) mode. This makes John very effective against systems with weak passwords.
This is how John works by default:
recognize the hash type of the given hash from its prefix and shape
generate a hash on the fly for every password in the dictionary, using the salt from the target hash
stop when a generated hash matches the target hash (with several hashes loaded, it carries on until all are cracked or the wordlist is exhausted)
This is not the only way John finds a password. You can also customize John based on your requirements. For example, you can specify the hash format with the --format flag (for example --format=md5crypt) instead of relying on autodetection, which matters when a hash matches more than one format, and you can choose the dictionary with --wordlist.
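To make that default flow concrete, here is an added example in Python that is not part of the original article and is not John the Ripper's code. It reimplements the MD5-crypt ($1$) variant of crypt(3) with hashlib, recognises the hash type from the prefix, pulls the salt out of the target hash, hashes each word of a small wordlist with that salt and stops at the first match. It also extracts the hash from the two shapes a hash file line can take (a bare crypt string, or a user:hash:... line as in /etc/shadow). The user name alice, the salt Wq7pL2xZ, the password sunshine and the wordlist are constructed for the demo; a real target would come from /etc/shadow, and the target here is generated from the known password so the script can check itself offline.

```python
#!/usr/bin/env python3
"""Dictionary attack on an MD5-crypt ($1$) hash, mirroring John's default loop.

Added example, not code from the article or from John the Ripper. MD5-crypt is
re-implemented with hashlib so everything runs offline; the wordlist and the
target hash below are constructed for the demo.
"""
import hashlib
from typing import Iterable, Optional

# crypt's own base64 alphabet (not the RFC 4648 one)
ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# crypt(3) prefixes and the --format names John's jumbo build uses for them
FORMATS = {"$1$": "md5crypt", "$5$": "sha256crypt", "$6$": "sha512crypt",
           "$2a$": "bcrypt", "$2b$": "bcrypt", "$2y$": "bcrypt"}


def md5crypt(password: bytes, salt: bytes, magic: bytes = b"$1$") -> str:
    """MD5-crypt as in FreeBSD's crypt(3): 1000 rounds of MD5 over pw/salt mixes."""
    salt = salt[:8]                      # the salt is at most 8 characters
    ctx = hashlib.md5(password + magic + salt)
    alt = hashlib.md5(password + salt + password).digest()
    # mix in len(password) bytes of md5(pw + salt + pw), wrapping every 16 bytes
    for i in range(len(password)):
        ctx.update(alt[i % 16:i % 16 + 1])
    # one byte per bit of len(password): NUL for a 1 bit, pw[0] for a 0 bit
    i = len(password)
    while i:
        ctx.update(b"\x00" if i & 1 else password[:1])
        i >>= 1
    final = ctx.digest()
    # fixed 1000 stretching rounds; which inputs go in depends on the round number
    for i in range(1000):
        ctx1 = hashlib.md5()
        ctx1.update(password if i & 1 else final)
        if i % 3:
            ctx1.update(salt)
        if i % 7:
            ctx1.update(password)
        ctx1.update(final if i & 1 else password)
        final = ctx1.digest()
    # crypt regroups the 16 digest bytes before encoding, 3 bytes -> 4 chars
    out = ""
    for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15), (4, 10, 5)):
        v = (final[a] << 16) | (final[b] << 8) | final[c]
        for _ in range(4):
            out += ITOA64[v & 0x3F]
            v >>= 6
    v = final[11]
    for _ in range(2):
        out += ITOA64[v & 0x3F]
        v >>= 6
    return (magic + salt).decode() + "$" + out


def detect_format(crypt_string: str) -> str:
    """Step 1 of John's default flow: recognise the hash type from its prefix."""
    for prefix, name in FORMATS.items():
        if crypt_string.startswith(prefix):
            return name
    if len(crypt_string) == 13 and "$" not in crypt_string:
        return "descrypt"                # classic DES crypt: 2-char salt + 11 chars
    return "unknown"


def parse_hash_line(line: str) -> Optional[str]:
    """Pull the crypt string out of one hash-file line.

    Accepts the bare hash the article pastes into hash.txt, or a
    passwd/shadow-style line 'user:$1$salt$hash:...' such as unshadow produces.
    """
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    fields = line.split(":")             # crypt strings never contain ':'
    return fields[1] if len(fields) > 1 else fields[0]


def crack(crypt_string: str, wordlist: Iterable[str]) -> Optional[str]:
    """Steps 2-3: hash each candidate with the target's own salt, stop on a match."""
    fmt = detect_format(crypt_string)
    if fmt != "md5crypt":
        raise ValueError(f"only md5crypt is implemented here, got {fmt}")
    salt = crypt_string.split("$")[2].encode()   # '$1$salt$hash' -> salt
    for word in wordlist:
        word = word.rstrip("\r\n")
        if md5crypt(word.encode(), salt) == crypt_string:
            return word
    return None


# --- constructed demo data (not real credentials) --------------------------
# A real hash would come from /etc/shadow; this one is generated from a known
# password so the example can verify itself offline.
SAMPLE_PASSWORD = "sunshine"
SAMPLE_HASH_FILE = "alice:" + md5crypt(b"sunshine", b"Wq7pL2xZ") + ":19500:0:99999:7:::"
SAMPLE_WORDLIST = ["123456", "password", "qwerty", "letmein", "sunshine", "dragon"]

if __name__ == "__main__":
    target = parse_hash_line(SAMPLE_HASH_FILE)
    print("format :", detect_format(target))
    print("cracked:", crack(target, SAMPLE_WORDLIST))
```

The hashing routine follows the FreeBSD md5crypt algorithm step for step, so the quickest cross-check against a real crypt(3) is openssl passwd -1 -salt Wq7pL2xZ sunshine, which should produce the second field of SAMPLE_HASH_FILE. The loop in crack is the same work John does in wordlist mode, just in optimised C with many candidates hashed in parallel; the per-candidate cost is also why SHA-512 crypt (5000 rounds by default) and bcrypt are so much slower to attack than MD5-crypt's fixed 1000 rounds.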
Let's see how to use John the Ripper to crack a given dictionary based crypt password.
Step 1: Install John the Ripper
If you are using Kali Linux, John is pre-installed; you can invoke it directly with the john command.
For Ubuntu/Debian, you can get John from the apt repositories. Here is the command to install John on Ubuntu (the distribution package can lag behind the jumbo version from Openwall, which supports more formats; build that from source if a hash type is missing):
$ sudo apt install john
On macOS, you can find John in Homebrew:
$ brew install john
For Windows and other operating systems, you can find the binaries here[^2^].
Once you have installed John, try the help command to make sure your installation is working. The help command can also be used as a reference when working with John.
$ john -h
Step 2: Prepare the Hash File
To crack a given dictionary based crypt password, you need to have the hashed password in a file. You can create a file with any name and extension, such as hash.txt, and paste the hashed password inside it, one hash per line. John also accepts lines in the user:hash form used by /etc/shadow, so if you have root on the target you can feed it the output of the unshadow utility that ships with John, which merges /etc/passwd and /etc/shadow into that form. Paste the whole crypt string, including the $1$, $5$ or $6$ prefix and the salt, since John needs both to recognize the format and to hash each candidate correctly.
For example, let's say we have this hashed password that we want to crack: