
Day 3: Password Cracking

What is Password Cracking?

Password cracking is the process of recovering plain text passwords from their hashed or encrypted forms. It involves techniques that attempt to reverse or bypass the security mechanisms protecting the password.

Methods to Crack Passwords

  • Wordlist Method: This method involves using a predefined list of potential passwords, which are tested against a hashed password to find a match.

    A famous wordlist in CTFs is rockyou.txt.

  • Brute Force Method: This method tries every possible combination of characters systematically until the correct password is found.


Hands-on Tools

So let's begin with the tools you will require. Don't worry; the installation commands will also be provided.

Here are the Tools:

  1. John The Ripper
  2. Stegcracker
  3. Fcrackzip
  4. PDFCrack

John The Ripper

Unleash the power of John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, it supports Windows LM hashes out of the box, plus many other hashes and ciphers in the community-enhanced version. John can crack almost all password-encrypted archives.

Installation

  • Linux: sudo apt install john
  • macOS: brew install john

Usage

  1. Wordlist / Dictionary Mode: This mode uses a list of passwords. John generates hashes for these passwords on the fly and compares them with the provided password hash.

    Command:

    john --wordlist=<path-to-wordlist> --rules <hash-file>

    Example:

    john --wordlist=/usr/share/wordlists/rockyou.txt --rules file_name

  2. Brute Force Mode / Incremental Mode: This powerful mode tries all possible character combinations as passwords.

    Command:

    john --incremental <hash-file>

    Example:

    john --incremental file_name
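
What dictionary mode with --rules and incremental mode do, sketched in Python as an added example (not John's code and not from the original page), framed as an audit of hashes you are responsible for. It assumes unsalted SHA-256 hashes and a constructed four-word wordlist; `mangle`, `dictionary_audit` and `keyspace` are hypothetical names, and the mangling rules are stand-ins for John's rule engine.

```python
import hashlib

# Constructed sample wordlist (a tiny stand-in for a list such as rockyou.txt).
WORDLIST = ["password", "dragon", "letmein", "summer"]

def sha256_hex(password):
    """Unsalted SHA-256 of a password (assumed storage format for this sketch)."""
    return hashlib.sha256(password.encode()).hexdigest()

def mangle(word):
    """Yield the word and a few variants; hypothetical rules, not John's rule set."""
    for base in (word, word.capitalize()):
        yield base
    for suffix in ("1", "123", "!"):
        for base in (word, word.capitalize()):
            yield base + suffix

def dictionary_audit(target_hex, wordlist, rules=True):
    """Hash each candidate on the fly and compare it with the stored hash.
    Returns (recovered_password_or_None, number_of_guesses_made)."""
    guesses = 0
    for word in wordlist:
        for candidate in (mangle(word) if rules else (word,)):
            guesses += 1
            if sha256_hex(candidate) == target_hex:
                return candidate, guesses
    return None, guesses

def keyspace(charset_size, max_len):
    """Candidates an exhaustive (incremental-style) search covers up to max_len."""
    return sum(charset_size ** n for n in range(1, max_len + 1))

if __name__ == "__main__":
    weak = sha256_hex("Summer123")      # constructed: wordlist word + common suffix
    strong = sha256_hex("q7#Lw!2vZp")   # constructed: random, not derived from a word
    print(dictionary_audit(weak, WORDLIST, rules=False))  # plain wordlist misses it
    print(dictionary_audit(weak, WORDLIST))               # rules find it quickly
    print(dictionary_audit(strong, WORDLIST))             # wordlist exhausted, no hit
    print(keyspace(26, 8))  # lowercase-only search space, lengths 1 to 8
```

A password that falls to a short wordlist plus a handful of rules is weak regardless of its length, while the random one leaves only the exhaustive search, whose size grows exponentially with length and character set.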


Stegcracker

Unlock hidden secrets with Stegcracker

Stegcracker is a steganography brute-force utility for uncovering hidden data inside files.

Installation

  • Linux: sudo apt-get install steghide -y, then pip3 install stegcracker

  • macOS: brew install stegcracker

Usage

Command:
  • stegcracker <file> [<wordlist>]

Example:

  • stegcracker joe.jpg rockyou.txt

Fcrackzip

Crack ZIP file passwords with ease using Fcrackzip

Fcrackzip is a password cracking tool for ZIP files. It recovers the password by either a brute-force attack or a dictionary attack.

Installation

  • Linux: sudo apt install fcrackzip
  • macOS: brew install fcrackzip

Usage

Some useful options:

  • -v: verbose; shows what is going on in the background.
  • -b: brute-force mode.
  • -u: use unzip to weed out wrong passwords.
  • -p: sets the initial password for brute forcing, or the file that supplies passwords for a dictionary attack.
  • -D: sets dictionary mode and reads passwords from a wordlist alphabetically.

  1. Wordlist / Dictionary Method:

    Command:

    fcrackzip -v -u -D -p <path_to_wordlist_file> <file_name.zip>

    Example:

    fcrackzip -v -u -D -p rockyou.txt Chall.zip

  2. Brute Force:

    Command:

    fcrackzip -v -b -u <file_name.zip>

    Example:

    fcrackzip -v -b -u Challenge.zip

PDFCrack

Unlock encrypted PDFs with PDFcrack

PDFCrack is a tool for recovering the passwords of encrypted PDF files.

Installation

  • Linux: sudo apt-get install pdfcrack
  • macOS: brew install pdfcrack

Usage

  1. Wordlist / Dictionary Method:

    Command:

    pdfcrack -f <file_name> -w <location_of_wordlist_file>

    Example:

    pdfcrack -f Challenge.pdf -w rockyou.txt

  2. Brute Force:

    Command:

    pdfcrack -f <file_name>

    Example:

    pdfcrack -f Challenge.pdf


Practice

Challenge yourself

These are some basic questions made by me. Enjoy the questions:
Challenge: Click here to Download

---