Now I try to share knowledge to you all, about how to install John the Ripper on Windows to steal passwords. (I am not responsible if there is damage to your pc software and the damage caused by this software because the software is a virus that deliberately, TROJAN HORSE) so do not be installed on your pc. the authors do not recommend the use of these applications for a crime, but the author just wanted to share pengatahuan.
John the Ripper installation on windows and I will discuss some basic types of attacks and the things you can do with John the Ripper. This article is quite long and I will try to explain the rudimentary language which I hope is understandable.
Now let's begin the tutorial
- Download John the Ripper 184.108.40.206 (Windows - binaries, ZIP, 1360 KB) click HERE
Some tips that will make it easier to install John the Ripper on windows
1. Save on C :/, do not in any folder or program files.
2. When installing will probably look something like C: / John/john1701 / etc Move everything out of the folder and go to the folder john1701 first. Then delete john1701.
3. Now when you go into your C drive and open the folder john, you will see two folders doc to run, not john1701
4. In the run folder you will see the application "john-386" or "john-something". Just change the name to "john"
To run JTP, we open it via the ms-dos command line
Go Start, Run, and type cmd
type this command: cd C: / john / run
Now we get into a miraculous kind of attack through JTP.
First I will show bruteforcing JTP mode. This mode is to try every possible combination of letters (both uppercase and lowercase), numbers, symbols or a combination of the three to find the password. Before I tell you how to do it, we should take a hash (I will use the form: CRjRYEn9g3PUc from above), copy and past in notepad, and save it in the "run" in John the Ripper as a txt file. I call it hash.txt. One way to do this type of attack is to type "hash.txt john" (all commands without the quotes) and press enter. It will start trying to bruteforce password. Another way is to drag and drop the file hash.txt john application (this will be done in the run folder). Shortage of bruteforce attack is requires a very long time, but the process can be stopped by typing the command "ctrl + C".
Bruteforce Attack-with conditions-
This way shorter. So if you think the password only contains letters you can use the command "john-i: alpha hash.txt", if you think the password only contains numbers that you can use the command "john-i: hash.txt digit", you can also use command "john-i: all hash.txt" to guess passwords that use both numbers and letters.
How this is done when we are dealing with a combination of long cengan password. but this method is much faster than if we use a bruteforce attack, but requires precision, because we need to make a list of words (according to the dictionary) and JTP will match each letter corresponding to the list that we have created.
For this example I call the list "wordlist.txt".
To conduct Dictionary Attac, type this command: john-w: hash.txt wordlist.txt
When cracking password has been done, we can check this by using the ith command using the command "hash.txt john-show"
there are many more uses of this software, enough of my tutor about how to install John the Ripper on Windows to steal passwords may be useful.