Credential Access with John the Ripper

John the Ripper (JtR) is widely used within red team assessments. Learn how to leverage the powerful capabilities of JtR to crack passwords of various hash types and use JtR within Metasploit.
Course info
Level
Intermediate
Updated
May 22, 2020
Duration
23m
Table of contents
Description
Course info
Level
Intermediate
Updated
May 22, 2020
Duration
23m
Description

Performing password cracking is a common task performed in a red team engagement. Understanding how to use the tools can be a daunting task. In this course, Credential Access with John the Ripper, you will gain the ability to crack commonly used password hashes leveraging the highly customizable tool, John the Ripper. First, you will learn how to navigate the syntax of John and amp up your cracking capabilities by obtaining rich wordlists and permutating them. Next, you will discover how to perform password cracking of common operating systems such as Windows and Linux. Finally, you will explore how to use John within a Metasploit session, giving you the ability to perform password cracking during the exploitation phase. When you are finished with this course, you will have the skills and knowledge of John the Ripper needed to amplify your red team engagements when performing password cracking.

About the author
About the author

Rishalin Pillay has over 12 years of cybersecurity experience and has acquired a vast amount of skills consulting for Fortune 500 companies while taking part in projects performing tasks in network security design, implementation, and vulnerability analysis. He holds many certifications that demonstrate his knowledge and expertise in the cybersecurity field. He is an author and content contributor to a number of books.

Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Welcome to Pluralsight and this cybersecurity tools course, featuring John the Ripper, the open‑source password cracking tool developed by Alexander Peslyak and maintained by Openwall. In this digital age, passwords are still a common authentication method that's being used. Weak passwords can be guessed using brute‑force techniques. These passwords can be used for initial access into a system, lateral movement across systems, and to elevate your privileges. John the Ripper is a tool which has been around for a while. It is fast and supports a wide range of hashes that it is able to crack. It is also highly customizable and provides a wide range of options to permutate password lists. This tool is often used by both Red Team specialists and attackers. If you are looking to gain knowledge on how John the Ripper can be used to crack various password hashes and the various features that's available within John the Ripper, come join me here, at Pluralsight.