> For the complete documentation index, see [llms.txt](https://pencer.gitbook.io/pencer-ctf-all-the-things/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://pencer.gitbook.io/pencer-ctf-all-the-things/enumeration-and-exploitation/cracking-hashes.md).

# Cracking Hashes

Use JohnTheRipper against lots of different types of hashes. Doesn't need a GPU so works well on a virtual machine.

This is useful to identify hash type:

{% embed url="<https://www.tunnelsup.com/hash-analyzer/>" %}

Can speed up JohnTheRipper if you tell it the correct hash type:

```bash
john --wordlist=/usr/share/wordlists/rockyou.txt --format=Raw-SHA256 hash.txt
```

#### PGP Key

Convert PGP key to John format:

```bash
gpg2john tryhackme.asc > tryhackme.asc.john
```

Crack it:

```bash
john --wordlist=/usr/share/wordlists/rockyou.txt tryhackme.asc.john
```

#### SSH

If we find an encrypted SSH private key, get sshng2john if needed and convert to John format:

```
curl -sk https://raw.githubusercontent.com/truongkma/ctf-tools/master/John/run/sshng2john.py > sshng2john.py
python sshng2john.py id_rsa > id_rsa.encrypted
```

Now we can try to crack it:

```
john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa.encrypted
```
