In previous chapters, we extracted password hashes from databases; using hash strings is the most common method to find passwords in a penetration test. In order to discover the real password, we need to decipher them and, as hashes are generated through irreversible algorithms, we have no way of decrypting the password directly. Hence, it is necessary to use slower methods like brute force and dictionary cracking.

In this recipe, we will use John the Ripper (JTR or simply John), the most popular password cracker, to recover passwords from the hashes extracted in the step-by-step SQL injection recipe in Chapter 6, Exploiting Injection Vulnerabilities.