> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-11/offline-cracking/trick-0079.md).

# Crack Ansible Vault Password

***

Convert the Ansible Vault string into a hash format recognizable by John the Ripper using `ansible2john`. This tool, often available as `ansible2john.py`, processes the encrypted vault file and outputs a hash string suitable for cracking. Redirect the output to a file.

```bash
ansible2john <vault_string_file> > <output_hash_file>
```

Alternatively, the command might look like this, explicitly calling the Python script:

```bash
python ansible2john.py ansible_vault_file > ansible_vault_hash
```

Another common usage is:

```bash
ansible2john.py vault.yml > vault.hash
```

The output hash format generated by `ansible2john` is typically in the form `$ansiblevault$1.1$ITERATIONS$SALT$VAULT_ID$CIPHERTEXT`, which is then used by cracking tools.

Crack the extracted hash offline using a wordlist like `rockyou.txt`. John the Ripper can take the generated hash file as input.

```bash
john --wordlist=<path_to_wordlist> <output_hash_file>
```

A specific example using the `rockyou.txt` wordlist would be:

```bash
john --wordlist=/usr/share/wordlists/rockyou.txt ansible_vault_hash
```

Once the password is found (e.g., `!@#$%^&*`), save it to a file and use `ansible-vault decrypt` with the `--vault-password-file` option to decrypt the original vault file.

The `ansible-vault decrypt` command is used to decrypt a file previously encrypted with `ansible-vault encrypt`. When decrypting, you must provide the correct password. One method is to use a password file.

```bash
echo "!@#$%^&*" > cracked_password_file
ansible-vault decrypt <vault_string_file> --vault-password-file cracked_password_file
```

A specific example demonstrating decryption using a password file is:

```bash
ansible-vault decrypt file.yml --vault-password-file password.txt
```

The `--vault-password-file` option specifies a file containing the vault password. Ansible will read the password from this file when performing the decryption. This is particularly useful for automation or when you have the password stored securely in a file after recovery.
