This is the third post in a three-part series that I’m writing as a way to introduce Cryptographic Hashes from an Offensive Security perspective. The first post explained what hashes are, the second post explained how you would go about figuring out what kind of hash you’re working with, and this post is about trying to figure out how to crack the hash. Cracking hashes is the process of reverse-engineering or brute-forcing the hash to recover the original data, such as passwords. This final post in our offensive security series will walk you through how to crack hashes, with a focus on using John the Ripper, but we’ll also touch on other tools like Hashcat.
What Does It Mean to Crack a Hash?
Cracking a hash means finding the original data (like a password) that was transformed into the hash. Since cryptographic hash functions are designed to be one-way, cracking usually involves one of these approaches:
- Brute Force: Trying every possible combination of characters until a match is found.
- Dictionary Attack: Using a precompiled list of possible passwords (a dictionary) and hashing each one to see if it matches the target hash.
- Rainbow Tables: Precomputed tables of common hashes and their corresponding plaintext values, used to crack hashes more quickly.
- Hybrid Attack: A combination of dictionary and brute force methods, where slight variations of known words are tried.
John the Ripper
John the Ripper is one of the most popular and powerful tools for cracking hashes. It’s a highly versatile password cracker that supports a wide range of hash formats and is available on many platforms. Its community has developed numerous plug-ins and wordlists to extend its functionality, making it the go-to tool for many security professionals.
Let’s take a look at how to use John the Ripper to crack different types of hashes.
Step-by-Step Guide: Cracking Hashes with John the Ripper
1. Identify the Hash Type
Before starting the cracking process, you need to identify the hash type. In previous blog posts, we discussed how to identify a hash based on its format and length. If you know the type of hash, you can optimize your cracking efforts.
2. Install John the Ripper
If you don’t already have John the Ripper installed, you can install it on most Linux systems using:
sudo apt-get install john
For other systems, you can download the latest version from the official John the Ripper website.
3. Prepare the Hashes for Cracking
Create a text file containing the hashes you want to crack. Ensure that each hash is on a new line. Save the file as something like ‘hashes.txt’. Here are the contents of a hashes.txt file that I set up for easy cracking.
5f4dcc3b5aa765d61d8327deb882cf99 098f6bcd4621d373cade4e832627b4f6
4. Run John the Ripper
To start cracking, run the following basic command where –wordlist represents the wordlist you want to use. Cultivating and collecting good wordlists is an important skill and hobby in offensive security. Lists like the leak from the RockYou breach (with its 14 million+ passwords) are very common to use in Capture the Flag (CTF) and training boxes. There are lists that are much bigger and better that you can find online. Also, if you do decent Open Source Intelligence (OSINT) on your targets, you may very well create targeted/curated lists to use. Things like variations on your target’s pets’ names, kids’ names, favorite teams, etc. For example, “Spot, Sp0t, $p0t, Steelers, $teelers, $teeler$, $t33ler$” and so on. There are many tools (including John) to help you take a word and generate all of those permutations for you.
// --wordlist: This option tells John to use a dictionary file (wordlist) of potential passwords. john --wordlist=/path/to/wordlist.txt hashes.txt
John will attempt to match the hashes in your file against the passwords in your wordlist. If a match is found, John will output the cracked password.
5. Use Predefined Hash Formats
Sometimes, John may not automatically recognize the hash format. If you know the hash type, you can specify it explicitly with the –format option.
For example, to crack an MD5 hash, try the following. Since our hashes.txt file contains MD5 hashes, I’ll show the actual output. This was almost instantaneous:
$ john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hashes.txt Using default input encoding: UTF-8 Loaded 2 password hashes with no different salts (Raw-MD5 [MD5 256/256 AVX2 8x3]) Warning: no OpenMP support for this hash type, consider --fork=12 Press 'q' or Ctrl-C to abort, almost any other key for status password (?) test (?) 2g 0:00:00:00 DONE (2024-11-18 14:00) 100.0g/s 8313Kp/s 8313Kc/s 8332KC/s tyson4..tauruz Use the "--show --format=Raw-MD5" options to display all of the cracked passwords reliably Session completed.
For NTLM hashes (commonly used in Windows systems):
john --format=nt hashes.txt
Common Formats:
- MD5: –format=raw-md5
- SHA-1: –format=raw-sha1
- NTLM: –format=nt
- bcrypt: –format=bcrypt
6. Brute Force Cracking
If a dictionary attack fails or you don’t have a good wordlist, you can use brute force. This method tries all possible combinations of characters, but it can take a long time depending on the complexity of the password.
Example command:
// --incremental: This option tells John to perform a brute force attack. john --incremental hashes.txt
7. Checking Cracked Passwords
Once the cracking process is complete (or if you want to check progress), you can use the following command to display the cracked passwords. Since we already cracked these above, this is my output when I run this command:
// --show tells John to show the passwords, // --format is usually needed to reliably see the results. $ john hashes.txt --show --format=raw-md5 ?:password ?:test 2 password hashes cracked, 0 left // This is what I get with --show only, leaving off the format. // You'll note when I actually cracked these the first time, // John had suggested --show with --format and that definitely // works better. I mean, this doesn't even show the right // number of hashes corresponding with the file. $ john hashes.txt --show 0 password hashes cracked, 4 left
This will list all the hashes that have been successfully cracked and their corresponding plaintext passwords.
Advanced John the Ripper Techniques
Hybrid Attacks: You can combine dictionary and brute force attacks using rules. This allows John to try slight variations on the words in your dictionary (e.g., adding numbers, changing case).
john --wordlist=/path/to/wordlist.txt --rules hashes.txt
Custom Mask Attacks: If you know part of the password format (e.g., passwords are always 8 characters and include numbers), you can customize John’s brute force method with masks.
Other Tools for Cracking Hashes
While John the Ripper is one of the most popular tools, there are other tools worth mentioning:
Hashcat is another powerful hash-cracking tool known for its speed and GPU support. Hashcat can perform various types of attacks, including brute force, dictionary, and hybrid attacks.
Example Hashcat command for MD5 cracking using our example hashes.txt file
// -m 0: Specifies the hash type (MD5). // -a 0: Specifies the attack mode (dictionary). // -o cracked.txt: The output file for cracked passwords. $ hashcat -m 0 -a 0 -o cracked.txt hashes.txt /usr/share/wordlists/rockyou.txt hashcat (v6.2.6) starting OpenCL API (OpenCL 3.0 PoCL 6.0+debian Linux, None+Asserts, RELOC, LLVM 17.0.6, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project] ============================================================================================================================================ * Device #1: cpu-haswell-13th Gen Intel(R) Core(TM) i7-1355U, 2802/5669 MB (1024 MB allocatable), 12MCU Minimum password length supported by kernel: 0 Maximum password length supported by kernel: 256 Hashes: 2 digests; 2 unique digests, 1 unique salts Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates Rules: 1 Optimizers applied: * Zero-Byte * Early-Skip * Not-Salted * Not-Iterated * Single-Salt * Raw-Hash ATTENTION! Pure (unoptimized) backend kernels selected. Pure kernels can crack longer passwords, but drastically reduce performance. If you want to switch to optimized kernels, append -O to your commandline. See the above message to find out about the exact limits. Watchdog: Hardware monitoring interface not found on your system. Watchdog: Temperature abort trigger disabled. Host memory required for this attack: 3 MB Dictionary cache built: * Filename..: /usr/share/wordlists/rockyou.txt * Passwords.: 14344392 * Bytes.....: 139921507 * Keyspace..: 14344385 * Runtime...: 1 sec Session..........: hashcat Status...........: Cracked Hash.Mode........: 0 (MD5) Hash.Target......: hashes.txt Time.Started.....: Mon Nov 18 14:08:32 2024 (0 secs) Time.Estimated...: Mon Nov 18 14:08:32 2024 (0 secs) Kernel.Feature...: Pure Kernel Guess.Base.......: File (/usr/share/wordlists/rockyou.txt) Guess.Queue......: 1/1 (100.00%) Speed.#1.........: 2446.1 kH/s (0.31ms) @ Accel:512 Loops:1 Thr:1 Vec:8 Recovered........: 2/2 (100.00%) Digests (total), 2/2 (100.00%) Digests (new) Progress.........: 172032/14344385 (1.20%) Rejected.........: 0/172032 (0.00%) Restore.Point....: 165888/14344385 (1.16%) Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:0-1 Candidate.Engine.: Device Generator Candidates.#1....: tyson4 -> floryna Started: Mon Nov 18 14:08:19 2024 Stopped: Mon Nov 18 14:08:33 2024 $ cat cracked.txt 5f4dcc3b5aa765d61d8327deb882cf99:password 098f6bcd4621d373cade4e832627b4f6:test
Online Hash Cracking Services
There are also online hash-cracking services that can speed up the process, such as:
CrackStation: Free online service for cracking MD5, SHA-1, and other hash types using large dictionaries. For instance, both of my hashes from above would have been instantly cracked via the CrackStation website. Here was the output when I put them in:
Hash | Type | Result |
---|---|---|
5f4dcc3b5aa765d61d8327deb882cf99 | md5 | password |
098f6bcd4621d373cade4e832627b4f6 | md5 | test |
Hashes.com: In their own words, “Hashes.com is a site dedicated to hash recovery”. They are home to many different tools (free and paid) and they also instantly cracked my example hashes with this output:
Proceeded! 2 hashes were checked: 2 found 0 not found Found: 5f4dcc3b5aa765d61d8327deb882cf99:password 098f6bcd4621d373cade4e832627b4f6:test
Best Practices for Hash Cracking
- Use Strong Wordlists: A good wordlist is essential for dictionary attacks. The RockYou.txt wordlist is one of the most popular, containing millions of common passwords.
- Leverage GPU Power: If possible, use Hashcat or John the Ripper with GPU acceleration to speed up the cracking process.
- Automate Your Workflow: Use scripts to automate the process of identifying and cracking hashes in large datasets.
- Understand Legal Boundaries: Cracking hashes should only be done in legal and ethical contexts, such as penetration tests, security audits, or in scenarios where you have permission.
Cracking hashes is a critical skill in offensive security, allowing you to recover passwords and understand security vulnerabilities in systems. While John the Ripper is a versatile and powerful tool, others like Hashcat, CrackStation, and Hashes.com can complement your efforts depending on the task at hand. With the right tools, techniques, and wordlists, you’ll be able to crack a wide variety of hash types in the course of your security audits or penetration tests.
Okay, that’s it. Hopefully, over the course of this series you’ve gotten a good basic overview of hashes, how to identify them, and how to begin to think about cracking them.