
How to Use John the Ripper in 2026

14 min · Intermediate

Introduction

John the Ripper remains the go-to tool for testing password strength in 2026. Whether you are a pentester or system administrator, understanding how it works helps you quickly identify weak passwords in an infrastructure. This intermediate tutorial guides you through essential commands, optimized dictionaries, and advanced modes such as transformation rules. You will learn to analyze different hash formats while following ethical best practices. The goal is to make your security audits more effective and reproducible.

Prerequisites

  • Linux system (Ubuntu/Debian recommended)
  • Basic command-line knowledge
  • Hash file to test (compatible format)
  • Root or sudo access for installation
  • Wordlist such as rockyou.txt

Installing John the Ripper

terminal
sudo apt update
sudo apt install john -y
john --version

These commands update the package index, install the community edition of John the Ripper, and print the installed version. Always check the version so you know which hash formats your build supports.

List Supported Formats

terminal
john --list=formats | head -20

This command lists the first 20 supported hash formats. Pass the correct format explicitly with --format rather than relying on autodetection, which can pick the wrong one.

Prepare a Hash File

hashes.txt
echo 'admin:$6$rounds=5000$saltsalt$hashedvaluehere' > hashes.txt

Create a text file containing one user:hash entry per line, in the standard crypt format shown above. Always use real hashes obtained legally for your tests.
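As an added example (not from the original tutorial or the John project), this script builds the hash file from /etc/passwd and /etc/shadow entries the way unshadow does, skips locked or disabled accounts, and reads the $id$ prefix so you can pass the right --format instead of relying on autodetection. The sample entries are constructed placeholders, not real credentials.

```python
import re

# crypt(3) "$id$" prefix -> John --format name (jumbo naming). yescrypt ("$y$") has no
# dedicated format here, so it is left to the libc-backed "crypt" format (assumed to
# work when the system crypt(3) supports yescrypt).
CRYPT_ID_TO_FORMAT = {
    "1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt",
    "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt", "y": "crypt",
}

def detect_format(hash_value):
    """Return the --format name for a crypt-style hash, or None if unrecognised."""
    m = re.match(r"^\$([a-z0-9]+)\$", hash_value)
    return CRYPT_ID_TO_FORMAT.get(m.group(1)) if m else None

def is_crackable(hash_value):
    """Locked ('!...'), disabled ('*') and empty password fields have nothing to crack."""
    return bool(hash_value) and not hash_value.startswith(("!", "*"))

def unshadow(passwd_text, shadow_text):
    """Merge passwd and shadow like unshadow(1): keep every passwd field (single-crack
    mode mines GECOS and home dir), swap in the hash, drop uncrackable accounts."""
    shadow = {}
    for line in shadow_text.splitlines():
        f = line.split(":")
        if len(f) >= 2:
            shadow[f[0]] = f[1]
    lines, formats = [], set()
    for line in passwd_text.splitlines():
        f = line.split(":")
        if len(f) < 7:
            continue
        h = shadow.get(f[0], "")
        if not is_crackable(h):
            continue
        formats.add(detect_format(h) or "unknown")
        f[1] = h
        lines.append(":".join(f))
    return lines, sorted(formats)  # one --format per John run: split if len > 1

# Constructed sample entries (placeholder salts and hashes, not real credentials).
SAMPLE_PASSWD = "\n".join([
    "alice:x:1000:1000:Alice Example:/home/alice:/bin/bash",
    "bob:x:1001:1001:Bob Example:/home/bob:/bin/bash",
    "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin",
])
SAMPLE_SHADOW = "\n".join([
    "alice:$6$rounds=5000$saltsalt$PLACEHOLDERHASH:19000:0:99999:7:::",
    "bob:$2b$12$PLACEHOLDERSALTPLACEHOLDERHASH:19000:0:99999:7:::",
    "daemon:*:19000:0:99999:7:::",  # no password set: skipped
])
```

Write the returned lines to hashes.txt; when the returned format list holds more than one name, split the file and run John once per format, since a single run cracks one --format.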

Run Basic Cracking

terminal
john --format=sha512crypt hashes.txt

Starts cracking using the specified format. When no mode is given, John runs its default modes (single crack, then incremental) to find passwords.

Use a Custom Wordlist

terminal
john --wordlist=/usr/share/wordlists/rockyou.txt --rules hashes.txt

Applies a known wordlist together with transformation rules, which raises the chance of success on slightly modified passwords (appended digits, capitalised first letter, and similar variants).

Best Practices

  • Always use up-to-date and context-specific wordlists
  • Enable rules (--rules) to generate more variants
  • Resume an interrupted session with --restore instead of starting over
  • Comply with legislation and only use the tool on authorized systems
  • Review results with --show, which prints the cracked passwords for the hash file

Common Errors to Avoid

  • Forgetting to specify the correct format (--format)
  • Running John without a suitable wordlist on complex hashes
  • Ignoring file permission error messages
  • Not using --restore after an interruption

Going Further

Discover our advanced training on penetration testing and cryptanalysis at Learni Group.