Introduction
When passwords are stored properly, they're not kept as plaintext — they're hashed. A hash function transforms the password into a fixed-length string of characters that's theoretically irreversible. The idea is that even if an attacker steals the hash database, they can't recover the original passwords. John the Ripper exists to prove that theory wrong.
First released in 1996 by Alexander Peslyak (Solar Designer), John the Ripper is an open-source password cracker that attacks hash files directly. Give it a file full of hashes — from /etc/shadow on a Linux system, from a Windows SAM database, from a ZIP file, from a PDF, from a cryptocurrency wallet — and it will systematically attempt to find the passwords that produce those hashes.
How It Works
John supports three primary attack modes. Single crack mode uses login names and other GECOS information as candidate passwords, applying mangling rules to generate variations. Wordlist mode takes a dictionary file and tests each word, optionally applying transformation rules. Incremental mode is pure brute force, trying every possible character combination up to a specified length.
The rule engine is where John's power becomes apparent. Rules transform dictionary words into realistic password variations: capitalize the first letter, append numbers, substitute letters with symbols (a→@, e→3, s→$), reverse the word, duplicate it, and hundreds of other transformations. This approach is devastatingly effective because it mirrors how humans actually create passwords — taking a base word and applying predictable modifications.
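The defensive counterpart of the rule engine described above is to reject a password at set time if it is a dictionary word with predictable mangling applied. The check below is an added example written for this page, not code from John the Ripper or its project; it undoes the rules the text names (capitalization, appended digits, the a→@, e→3, s→$ substitutions, reversal and duplication) rather than enumerating every variant, so it stays cheap against a large wordlist. The tiny DICTIONARY, the extra 0→o substitution, the 12-character minimum and the function names are all assumptions of this example; a real deployment would load RockYou or a SecLists wordlist.

```python
import re

# Constructed toy dictionary for the example; a real check loads a full wordlist.
DICTIONARY = {"password", "summer", "dragon", "welcome", "monkey"}

# Inverse of the leet substitutions named in the text (a->@, e->3, s->$),
# plus 0->o as one extra common substitution (an assumption of this example).
UNLEET = {"@": "a", "3": "e", "$": "s", "0": "o"}


def base_words(candidate: str) -> set[str]:
    """Return every base word the candidate could have been derived from by the
    common mangling rules. Each step adds the 'undone' forms to the set instead
    of replacing them, because a trailing '3' may be an appended digit or a
    substituted 'e' and both readings must be tried."""
    forms = {candidate}
    # Undo "append numbers": strip up to four trailing digits.
    forms |= {re.sub(r"\d{1,4}$", "", f) for f in forms}
    # Undo leet substitutions.
    forms |= {"".join(UNLEET.get(ch, ch) for ch in f) for f in forms}
    # Undo capitalization (first letter, all caps, mixed case).
    forms = {f.lower() for f in forms}
    # Undo "reverse the word".
    forms |= {f[::-1] for f in forms}
    # Undo "duplicate it": an even-length form whose halves are identical.
    forms |= {
        f[: len(f) // 2]
        for f in forms
        if len(f) % 2 == 0 and f[: len(f) // 2] == f[len(f) // 2:]
    }
    return {f for f in forms if f}


def is_mangled_dictionary_word(candidate: str, dictionary=DICTIONARY) -> bool:
    """True if some undone form of the candidate is a plain dictionary word."""
    return any(word in dictionary for word in base_words(candidate))


def check_password(candidate: str, dictionary=DICTIONARY, min_length: int = 12):
    """Policy check returning (accepted, reason). Length is tested first because a
    short random string fails the cheapest rule; the mangling test follows."""
    if len(candidate) < min_length:
        return False, "too short"
    if is_mangled_dictionary_word(candidate, dictionary):
        return False, "dictionary word with predictable mangling"
    return True, "ok"


if __name__ == "__main__":
    for pw in ["Password1234", "Dr@gon99", "drowssaP", "MonkeyMonkey", "w3lcom3", "t7Qz#kL2pV9m"]:
        print(f"{pw!r}: {check_password(pw)}")
```

Each rule is undone in the order a person would most plausibly have applied it in reverse (digits were appended last, so they are stripped first), and the set union keeps both readings wherever a step is ambiguous.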
John supports over 200 hash formats out of the box, including MD5, SHA-1, SHA-256, SHA-512, bcrypt, NTLM, Kerberos, WPA-PSK, and dozens of application-specific formats. The Jumbo community-enhanced version adds even more. Companion tools like zip2john, rar2john, pdf2john, and ssh2john extract hashes from encrypted files so John can crack them.
Why It Matters
Password cracking is a core skill in penetration testing. When you compromise a system, you often gain access to password hashes — from /etc/shadow, from a dumped Active Directory database, from an application's user table. Cracking those hashes gives you credentials that can be used for lateral movement, privilege escalation, and access to additional systems.
John is also essential for security auditing. Organizations use it to test their own password policies by attempting to crack their users' password hashes. If John cracks 40% of your organization's passwords in an hour, your password policy needs work.
Key Takeaways
Learn the three attack modes and when to use each. Start with single crack mode (fast, uses available information), then wordlist mode with rules (most effective for common passwords), and resort to incremental mode only when the others fail. RockYou and SecLists provide excellent starting wordlists.
Understand hash types and how to identify them. A hash starting with $6$ is SHA-512crypt. $2b$ is bcrypt. $y$ is yescrypt. 32 hex characters might be MD5 or NTLM, and nothing in the string itself tells you which. John's --format option lets you specify the hash type, and it can often auto-detect, but when several formats match the same string (as with a bare 32-hex-character hash) it warns you and you should pass --format explicitly.
For defense: use modern, slow hash algorithms (bcrypt, scrypt, Argon2) instead of fast ones (MD5, SHA-1). Enforce long, unique passwords. The slower the hash algorithm, the fewer guesses an attacker can make per second — bcrypt at cost 12 limits John to a few hundred guesses per second on a CPU, compared to billions for MD5.
The Bigger Picture
John the Ripper has been cracking passwords for nearly three decades, and the fundamental dynamic hasn't changed: humans create predictable passwords, and password hashes can be defeated not by inverting the function but by guessing candidates at scale until one hashes to the same value. Hardware gets faster, wordlists get bigger, and rule sets get smarter, but the core problem remains the same. Passwords are a fundamentally flawed authentication mechanism, and John is the tool that has been quietly proving it since before most of its users were born.