hands-on lab

Cracking Hashes with John the Ripper

Up to 2h
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.


When passwords are stored on a production server, the current security advice is to store them in a hashed form. A hash is a one-way cryptographic function used to transform an input (which is unbounded in size) into a fixed length output, a message digest (MD).

As long as the input is the same, the hash function will always output the same MD. Using this feature, a system can calculate a user's password MD and store this in a globally readable directory. When the user returns and enters their password to authenticate their identity, this value is hashed and then compared with the stored MD. If they match then the user must have entered the same password as they had when the MD was first generated by the system.

You will be looking at different hashing algorithms, each of which were commonly used to store passwords on Windows and UNIX systems.

You will be using John the Ripper to crack some password files.

This lab is part of a series on cyber network security.

Learning Objectives

Upon completion of this lab you will be able to:

  • Demonstrate to delegates how compromised hashes can be cracked using John the Ripper

Intended Audience

This lab is intended for:

  • Cyber and network security specialists


You should possess:

  • A basic understanding of Windows operating system environments

About the author

QA, opens in a new tab
Training Provider
Learning paths

A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.

Covered topics

Lab steps

Starting the Cyber Network Security Lab Exercise