“I see my path, but I don’t know where it leads. Not knowing where I’m going is what inspires me to travel it.” —Rosalía de Castro
With great regret I finally decided to retire my 10-year-old MacBook Pro as my personal travel laptop. Part of that is I’ll be attending Defcon this year to help out #IAmTheCalvary and the #WeHeartHackers initiative by volunteering in the Defcon Biohacking village. Side note, if you are in Vegas, feel free to drop by and we can talk about cyber security in a clinical setting. Doctors and nurses hate passwords too!
Getting back on track, I wanted something a bit more modern to participate in this year’s Crack Me If You Can Completion, as well as to play around in the various hacking villages so I bought myself a Microsoft Surface Book. The challenge was while Hashcat has a native Windows build, my experiences getting John the Ripper (JtR) running on Windows in the past have been … troubled. That’s part of why I loved my old MacBook. It just worked (sorry Linux), and JtR ran great on it. Now I could re-image my laptop with Linux or dual boot it but having Excel and Notepad++ makes my life so much better. Plus, I’m really digging the tablet. So before I went ahead and installed VirtualBox and ran JtR in a VM I figured I’d try and install JtR using the new Windows Subsystem on Linux (WSL). Long story short, it worked great and was straightforward to do, so I figured I’d share my experiences.
Windows Subsystem for Linux:
The Windows Subsystem for Linux lets developers run a GNU/Linux environment — including most command-line tools, utilities, and applications — directly on Windows, unmodified, without the overhead of a virtual machine.
- Choose your favorite GNU/Linux distributions from the Microsoft Store.
- Run common command-line free software such as grep, sed, awk, or other ELF-64 binaries.
- Run Bash shell scripts and GNU/Linux command-line applications including:
- Tools: vim, emacs, tmux
- Services: sshd, MySQL, Apache, lighttpd
- Install additional software using own GNU/Linux distribution package manager.
- Invoke Windows applications using a Unix-like command-line shell.
- Invoke GNU/Linux applications on Windows.
Enabling WSLv1 and Install a Linux Distro:
- There are several ways to enable WSLv1. I opted to use PowerShell. The first step then is to open an Administrative instance of PowerShell.
- Run the following command (ref):
- Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsytem-Linux
- Reboot your system when prompted to.
- Once your computer starts back up, the next step is to pick a Linux distro. Open the Microsoft store and type Linux in the search menu
- Side note: You’ll be happy to know that Kali Linux is rated “E for Everyone”!
- Important Note: All the Linux distros I looked at in the Windows Store, (including Kali), are barebones and do not include graphical desktops, or many tools or installed libraries. It’s not like installing a Kali live boot image.
- Because Kali doesn’t come with any tools preconfigured, I opted to go with a base Ubuntu build. That’s also partially because Kali and Hashcat in the past haven’t been an ideal match, so I tend to stay away from it on my desktop builds
- Once you install Ubuntu, you’ll still need to initialize it. To do this open PowerShell again, though this time you can run it as a standard user. For Ubuntu, simply type ‘ubuntu’
- You’ll be prompted to create a user account. Go ahead and do so.
- Congratulations, you are now running Linux on Windows!
Installing John the Ripper
- This guide was written using the bleeding-jumbo version of John the Ripper, which is available here: https://docs.microsoft.com/en-us/windows/wsl/install-win10
- It’s beyond the scope of this guide on how to install and use Git on Windows, (I personally like GitKracken). While you can download the source-code as a zip file, I highly recommend downloading it using git to make keeping it up to date much easier. With WSLv1, it’s recommended that you install the code somewhere besides your new Linux filesystem. I put it in c:\github\JohnTheRipper\. With WSLv2 that changes, but I’ll cross that bridge when I try that out. You could also probably install git into Ubuntu and download it that way, but I didn’t try that.
- The next step is to install all the required libraries in WSLv1 Ubuntu. Run all the following commands in the PowerShell window above after starting Ubuntu. If you ever close your window, you can restart PowerShell and type “ubuntu” to restart Ubuntu.
- Update your package libraries. If you don’t do this, the following installs will not work, (as seen in all the errors above the command in the below screenshot)
- sudo apt update
- Install GCC. Select ‘Y’es when prompted. The install will take a while.
- sudo apt install gcc
- Install Make
- sudo apt install make
- Install various libraries required/recommended for JtR Bleeding-Jumbo
- sudo apt install libssl-dev
- sudo apt install libgmp-dev
- sudo apt install libkrb5-dev
- Navigate to your Windows drive where you installed the John the Ripper source-code. You can access you C:\ Drive under the /mnt/c directory. Run the following command to build JtR
- ./configure && make
- The build process will likely take around 10-15 minutes. After it is done you should see the following. If there are any errors, something went wrong so you will likely need to perform additional troubleshooting.
- Finally navigate to the run directory ‘../run/’ and try to start John the Ripper:
- Congratulations! You are now running John the Ripper on Windows!
- Microsoft Surface Book 13 Inch,
- Intel(R) Core(TM) i7-8650U CPU @ 1.90GHz
- 16.0 GB Ram
*** This is a Security Bloggers Network syndicated blog from Reusable Security authored by Matt Weir. Read the original post at: https://reusablesec.blogspot.com/2019/08/installing-john-ripper-on-microsofts.html