πŸ‘¨β€πŸ’»
Jawad's Notes
  • πŸ‘¨β€πŸ«INFOSEC
    • πŸ•ΈοΈWeb
      • Burp Suite: Setting Foxyproxy
      • XSS
      • Wappalyzer
      • Directory Traversal
      • LFI
        • PHP Wrappers
        • RFI
      • Reverse Shell
        • Command Injection Quick Tips
      • File Upload
      • WPScan
      • SQL Injection
        • Schemas
        • SQLmap
        • MSSQL
        • MySQL
        • PostgreSQL
    • πŸ”§Tools
      • Whois
      • DNSRecon
      • DNSenum
      • nslookup
      • Netcat
        • Powercat
      • Nmap
        • Nmap Scripting Engine
        • Test-NetConnection
        • Grep
      • Server Message Block (SMB)
      • SNMP
      • SMTP
      • ExifTool
      • Search Engine Hacking
      • Source Control Hacking
      • Nessus
      • Canarytokens
      • Qualys SSL Server Test
      • Security Headers
      • theHarvester
      • Shodan
      • Gobuster
        • Dirb
      • Searchsploit
      • Password Cracking
        • Hashcat
        • John The Ripper
        • Hydra
        • hashID
        • CPU vs GPU
    • 🐧Linux
      • Symbols
      • cat
      • curl
      • openvpn
      • tcpdump
      • Remote Desktop
      • SmbShare
      • Tmux
      • Convert Windows-style line endings (CRLF) to Unix-style (LF)
      • SSH
    • πŸ–₯️Macros in Office
    • 🍎Enhancing Your MacOS Terminal Experience
    • 🚩CTF
      • SQL Injection
        • WHERE clause allowing retrieval of hidden data
        • Allowing login bypass
        • UNION attack, determining the number of columns returned by the query
        • UNION attack, finding a column containing text
        • UNION attack, retrieving data from other tables
        • UNION attack, retrieving multiple values in a single column
        • Querying the database type and version on Oracle
Powered by GitBook
On this page
  1. INFOSEC
  2. Tools
  3. Password Cracking

John The Ripper

John the Ripper (often referred to as "John") is a widely-used password cracking tool designed for detecting weak passwords. It supports various cryptographic hash types and can perform different attack modes to recover passwords.

Key Usages:

  1. Basic Password Cracking: By default, John uses a built-in wordlist and simple rules.

    john hashes.txt

  2. Specifying a Wordlist: Use a custom wordlist for dictionary attacks.

    john --wordlist=wordlist.txt hashes.txt

  3. Incremental Mode (Brute Force): Attempts all possible character combinations.

    john --incremental hashes.txt

  4. Single Crack Mode: Uses the username and GECOS information to generate password guesses.

    john --single hashes.txt

  5. External Mode: Allows for custom cracking algorithms using C-like syntax.

    john --external=MODE hashes.txt

Tips and Tricks:

  1. Using --show to Display Cracked Passwords: After cracking, use --show to see the results.

    john --show hashes.txt

  2. Resume Cracking: If you need to stop and resume later, John supports session management.

    john --session=yourSessionName hashes.txt
john --restore=yourSessionName

  3. Using Rules to Enhance Dictionary Attacks: Apply rules to generate variations of words from the wordlist.

    john --wordlist=wordlist.txt --rules hashes.txt

  4. Adjusting Cracking Mode Settings: Customize settings for incremental mode.

    john --incremental=alpha --min-length=8 --max-length=12 hashes.txt

  5. Cracking Specific Hash Types: Explicitly specify the hash format if John does not auto-detect it.

    john --format=NT hashes.txt

  6. Combining Wordlists: Use multiple wordlists to increase the chances of finding the password.

    john --wordlist=wordlist1.txt --wordlist=wordlist2.txt hashes.txt

  7. Parallel Cracking with MPI: For faster results, use MPI to run John in parallel on multiple processors.

    mpiexec -np 4 john hashes.txt

PreviousHashcatNextHydra

Last updated 8 months ago

πŸ‘¨β€πŸ«
πŸ”§
Page cover image