How to use Johnny— an advanced password cracker / recovery GUI software for John the Ripper
In this small and fast tutorial, I’ll be showing how to use Johnny, with a few examples.
Introduction:
Johnny is the cross-platform Open Source GUI frontend for the popular password cracker John the Ripper.
Johnny’s aim is to automate and simplify the password cracking routine with the help of the tremendously versatile and robust John the Ripper, as well as add extra functionality on top of it, like improved hash and password workflow, multiple attacks and session management, easily define complex attack rules, visual feedback and statistics.
Installation:
For windows, just download the program’s version that is suitable for your operating system and run the installer.
https://openwall.info/wiki/john/johnny#Binaries-22-CURRENT
For linux, you’ll need to download the source from the github. The steps are found in the previous link.
How to use:
This is the starting or the main page as soon as you load up Johnny for the first time:
For this case, I’ll be including a wordlist dictionary for passwords obtained from https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm
You can also use these: https://wiki.skullsecurity.org/Passwords
You will also need to give it the base John the Ripper executable from https://www.openwall.com/john/ :
For PDFs as an example:
For this example, I have made 2 encrypted PDF files with random passwords in increasing difficulty.
Now, going back to Johnny. Click File — Open other file format and choose pdf and fill in the information you’d like
That step will give you a bunch of hashes. Save it into a .txt file and proceed to the next steps.
Here is a bunch of hash files I have obtained to use as a longer exercise, so these are separate from the PDFs, but the next steps are the same:
Just load those as password format files into johnny and begin the start new attack prompt.
And here is a few successful cracked passwords:
You can even just filter for easier access:
You can also extract it to a separate file:
And that’s it. A small, short and fast tutorial. There are many different functionalities and ways of cracking these passwords, methods and encryptions available. Be sure to test them all and have fun.
