Scribd
Upload
510 views

John the Ripper Cheatsheet

Uploaded by

chloeungar1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
510 views

John the Ripper Cheatsheet

Uploaded by

chloeungar1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

John the Ripper Cheatsheet for Penetration Testing

Getting Started
Install John the Ripper:

- Install from package manager: `sudo apt install john`

- Or download and build from source: https://www.openwall.com/john/

Basic Syntax:

`john [options] [password file]`

Basic Commands
Crack a Password File:

`john hashfile` (Automatically detects the hash type).

Specify Hash Format:

`john --format=[format] hashfile` (e.g., `--format=nt` or `--format=sha256crypt`)

Show Cracked Passwords:

`john --show hashfile`

Stop and Resume:

- Stop: Press `CTRL+C`

- Resume: `john --restore`

Generating Hashes
Generate MD5 Hash:

`echo -n "password" | md5sum`

Generate SHA256 Hash:

`echo -n "password" | sha256sum`

Wordlist Mode
Using a Wordlist:

`john --wordlist=/path/to/wordlist.txt hashfile`

Using Built-In Wordlist:


`john --wordlist=/usr/share/john/password.lst hashfile`

Enable Rules:

`john --wordlist=wordlist.txt --rules hashfile`

Incremental Mode
Default Incremental Mode:

`john --incremental hashfile`

Specify Incremental Mode:

`john --incremental=[mode] hashfile` (e.g., `--incremental=alpha`)

Mask Attack
Simple Mask Example:

`john --mask=?l?l?l?l?d hashfile` (?l = lowercase letter, ?d = digit)

Complex Mask:

`john --mask=?u?l?l?l?l?d?d hashfile` (?u = uppercase letter)

Hybrid Attack
Combining Mask and Wordlist:

`john --wordlist=wordlist.txt --mask=?d?d?d hashfile`

Session Management
Save Session:

`john --session=[session_name] hashfile`

Restore Session:

`john --restore=[session_name]`

Useful Options
List Available Hash Formats:

`john --list=formats`

Verbose Output:

`john --verbosity=3 hashfile`

Adjust Performance:
`john --fork=4 hashfile` (Runs 4 parallel processes).

Popular Hash Formats


| Hash Type | Format |

|---------------------|--------------|

| MD5 | raw-md5 |

| SHA-1 | raw-sha1 |

| NTLM | nt |

| bcrypt | bcrypt |

| SHA256crypt | sha256crypt |

| SHA512crypt | sha512crypt |

Example Workflows
Crack NTLM Hash with Wordlist:

`john --wordlist=rockyou.txt --format=nt hashes.txt`

Brute Force a SHA256 Hash:

`john --incremental --format=raw-sha256 hashfile`

Crack with Rules and Wordlist:

`john --wordlist=rockyou.txt --rules=Jumbo hashes.txt`

Resume Interrupted Process:

`john --restore`

Post-Crack Analysis
Analyze Cracked Passwords:

`john --show hashfile`

Compare Performance:

`john --test`

Wordlists and Rules


Explore additional wordlists and rules in John the Ripper documentation for tailored
attacks.

You might also like