killchain-compendium/Hashes/Password Cracking/John the Ripper.md

1006 B

John The Ripper

Usage

  • Example
john --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt ./hash.txt --format=raw-sha256 --fork=2

Declaring Structure

  • List subformat
john --list=subformats
john --wordlist=/usr/share/seclists/Passwords/Leaked-Databases/rockyou.txt ./hash.txt --format=dynamic_85 --fork=2

Rules

  • Rule syntax
  • Create a local rules file, e.g. /etc/john-local.conf or /usr/share/john/john-local.conf
  • Create config for mutations, e.g. border mutation
[List.Rules:border]
$[0-9]$[0-9]
  • Run john with parameter --rules=border

Existing Rules

  • l33t, l33tsp34k
  • NT, case mutation
  • Example for best64
john --wordlist=single_password.txt --rules=best64 --stdout > out.txt

Subformats

  • Some salted passwords need dynamic rules
john --list=subformats