2021-08-23 01:13:54 +02:00
|
|
|
# John The Ripper
|
|
|
|
|
|
2021-09-01 00:44:36 +02:00
|
|
|
* [Formats](http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats)
|
|
|
|
|
|
2021-08-23 01:13:54 +02:00
|
|
|
# Usage
|
|
|
|
|
|
|
|
|
|
* Example
|
2021-09-01 00:44:36 +02:00
|
|
|
```sh
|
2021-08-23 01:13:54 +02:00
|
|
|
john --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt ./hash.txt --format=raw-sha256 --fork=2
|
|
|
|
|
```
|
2021-09-01 00:44:36 +02:00
|
|
|
|
|
|
|
|
## Declaring Structure
|
|
|
|
|
* List subformat
|
|
|
|
|
```sh
|
|
|
|
|
john --list=subformats
|
|
|
|
|
```
|
|
|
|
|
```sh
|
|
|
|
|
john --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt ./hash.txt --format=dynamic_85 --fork=2
|
|
|
|
|
```
|
|
|
|
|
|
2021-11-06 23:40:23 +01:00
|
|
|
## Rules
|
|
|
|
|
* [Rule syntax](https://www.openwall.com/john/doc/RULES.shtml)
|
|
|
|
|
* Create a local rules file, e.g. `/etc/john-local.conf` or `/usr/share/john/john-local.conf`
|
|
|
|
|
* Create config for mutations, e.g. border mutation
|
|
|
|
|
```sh
|
|
|
|
|
[List.Rules:border]
|
|
|
|
|
$[0-9]$[0-9]
|
|
|
|
|
```
|
|
|
|
|
* Run john with parameter `--rules=border`
|
|
|
|
|
|
|
|
|
|
### Existing Rules
|
|
|
|
|
* `l33t`, l33tsp34k
|
|
|
|
|
* `NT`, case mutation
|
2021-11-18 18:05:21 +01:00
|
|
|
* Example for `best64`
|
|
|
|
|
```sh
|
|
|
|
|
john --wordlist=single_password.txt --rules=best64 --stdout > out.txt
|
|
|
|
|
```
|
2021-12-09 01:50:04 +01:00
|
|
|
|
|
|
|
|
### Subformats
|
|
|
|
|
* Some salted passwords need dynamic rules
|
|
|
|
|
```sh
|
|
|
|
|
john --list=subformats
|
|
|
|
|
```
|
