44 lines
1006 B
Markdown
44 lines
1006 B
Markdown
|
# John The Ripper
|
||
|
|
|
||
|
|
* [Formats](http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats)
|
||
|
|
|
||
|
|
# Usage
|
||
|
|
|
||
|
|
* Example
|
||
|
|
```sh
|
||
|
|
john --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt ./hash.txt --format=raw-sha256 --fork=2
|
||
|
|
```
|
||
|
|
|
||
|
|
## Declaring Structure
|
||
|
|
* List subformat
|
||
|
|
```sh
|
||
|
|
john --list=subformats
|
||
|
|
```
|
||
|
|
```sh
|
||
|
|
john --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt ./hash.txt --format=dynamic_85 --fork=2
|
||
|
|
```
|
||
|
|
|
||
|
|
## Rules
|
||
|
|
* [Rule syntax](https://www.openwall.com/john/doc/RULES.shtml)
|
||
|
|
* Create a local rules file, e.g. `/etc/john-local.conf` or `/usr/share/john/john-local.conf`
|
||
|
|
* Create config for mutations, e.g. border mutation
|
||
|
|
```sh
|
||
|
|
[List.Rules:border]
|
||
|
|
$[0-9]$[0-9]
|
||
|
|
```
|
||
|
|
* Run john with parameter `--rules=border`
|
||
|
|
|
||
|
|
### Existing Rules
|
||
|
|
* `l33t`, l33tsp34k
|
||
|
|
* `NT`, case mutation
|
||
|
|
* Example for `best64`
|
||
|
|
```sh
|
||
|
|
john --wordlist=single_password.txt --rules=best64 --stdout > out.txt
|
||
|
|
```
|
||
|
|
|
||
|
|
### Subformats
|
||
|
|
* Some salted passwords need dynamic rules
|
||
|
|
```sh
|
||
|
|
john --list=subformats
|
||
|
|
```
|