labs / tiddlers / content / labs / 03 / _Labs_03_John the
**Unfortunately, the version of John the Ripper in the lab environment is very old and lacks support for the `mask` parameter, so this section will be for information only.**

In this section, we will briefly introduce [John the Ripper](, an open-source password cracking tool (officially termed a "security auditing and password recovery tool"). The following exercises briefly illustrate its use.

First, we can calculate the hash of a readily-crackable password:

echo -n Qwert56 | md5sum  | tr -d '  -'

This pipeline computes the MD5 hash of the (rather poor) password "Qwert56". The `-n` flag tell `echo` not to output a newline (which would affect the hash, since it accounts for all bits in the input). The `tr` command at the end of the pipeline removes extraneous output from `md5sum` leaving just the hash as a hexadecimal string.

Copy the hex string from the output before proceeding (just the string, without any newline!).

Next, we can run John the Ripper on the hash to brute-force determine the original password (the command is simply `john`). Run the following command, which will await your input:

john --format=raw-md5 --fork=4 --mask="?u?l?l?l?l?d?d" /dev/stdin

Then paste in the MD5 hex string from before and type Ctrl-D to signal end of input. John will then search the specified space for passwords that produce that MD5 sum as output.

The `mask` parameter allows you to specify a pattern or general description of the kinds of characters that should be tried at each position within the passwords being generated and tested. Some example pattern characters:

* ?l lower-case ASCII letters
* ?u upper-case ASCII letters
* ?d numeric digits
* ?s special characters such as punctuation (all printable ASCII characters not in ?l, ?u or ?d)

**Exercises**: Comment on the likely patterns that would result from password requirements such as having a minimum of one capital letter and a minimum of one digit. What effect would this have on the password entropy?