John the Ripper Cheat Sheet
Basic Usage:
- Running John the Ripper (GitHub):
john [options] [password_file]
- Options:
-w
: Specify wordlist file.-mask
: Specify mask to generate passwords.-rules
: Enable word mangling rules.-format
: Specify hash format.-show
: Show cracked passwords.-incremental
: Enable incremental mode.
- Examples:
- Crack passwords using a wordlist:
john -w wordlist.txt password_file
- Crack passwords using incremental mode:
john -incremental password_file
- Specify hash format:
john -format=MD5 password_file
Wordlist Usage:
- Creating Wordlist:
- Use tools like
crunch
orcewl
to generate custom wordlists.
- Common Wordlists:
- Rockyou: A popular wordlist containing common passwords.
- SecLists: Collection of various wordlists for different purposes.
Mask Mode:
- Mask Syntax:
?l
: Lowercase letter?u
: Uppercase letter?d
: Digit?s
: Symbol
- Example:
- Crack passwords using a mask:
john -mask='?l?d?d?d?l?l' password_file
Rule-Based Cracking:
- Mangling Rules:
single
: Apply a single rule at a time.wordlist
: Apply rules from a wordlist.incremental
: Try all possible combinations.
- Examples:
- Crack passwords using default rules:
john -rules password_file
- Use custom wordlist for rules:
john -rules=wordlist.txt password_file
Hash Formats:
- Common Formats:
MD5
SHA1
SHA256
NTLM
- Specify Format:
- Use
-format
option followed by format name.
Output:
- Show Cracked Passwords:
- Use
-show
option to display cracked passwords.
- Output File:
- Cracked passwords are saved in
john.pot
file by default.
Miscellaneous:
- Session Management:
- Use
--session=name
to save and resume sessions.
- Performance Tuning:
- Adjust parameters like threads (
-t
) and benchmark (--test
).
- Documentation:
- Access John the Ripper documentation for detailed usage and options.
Caution:
- Ensure you have permission to perform password cracking activities.
- Respect privacy and legal boundaries while using password cracking tools.
- Always use strong passwords and encourage good security practices.
Resources:
- John the Ripper GitHub Repository
- John the Ripper Documentation
- Online tutorials and forums for additional guidance and tips.
This cheat sheet covers the basic usage and common scenarios of using John the Ripper for password cracking. Adjustments and customization may be required based on specific requirements and target environments. Always use such tools responsibly and ethically.