VishwaCTF-22 => John the rocker (Cryptography)

Shriyans Sudhi
2 min readMar 22, 2022

Challenge Info

Description: None


Vishwa CTF


This is an easy cryptography challenge. In this challenge, we’ve got a file, which is a SSH private key. So, the most probable things are:-

  • Get an SSH server
  • Crack the key

As the name suggests, we should use John the Ripper (it is a hash cracking tool) to crack this. After googling it, I got the following article: So following the steps as mentioned.

First of all, download the ssh2john python script from github:-

~$ wget

Now, get the hash for it using ssh2john

~$ python3 idrsa.id_rsa.docx > hash

Now, the hash is written to file name as “hash”. So the next step is to crack it.

A quick revision for what hash is: see wikipedia

So, as default, our wordlist is rockyou.txt. It is located at “/usr/share/wordlists/rockyou.txt.gz” by default (you have to extract it before using it) in Kali Linux and Parrot OS.

So cracking the hash:-

~$ john --wordlist=/usr/share/wordlists/rockyou.txt hash

So here, we’ve successfully cracked the hash. Since our flag format is “vishwaCTF{secret}”, so our flag would be “vishwaCTF{!!**john**!!}”


  • Try to crack SSH keys if you get it on web servers and you can report it.

Get more VishwaCTF-22 writeups here