John

Cracking

sudo john --wordlist=/home/amandine/rockyou.txt hash-to-crack.txt

Show cracked hash

Shows the cracked hash once it has been cracked.

sudo john --show hash-to-crack.txt

Format conversion

PDF hash cracking

perl pdf2john.pl /home/amandine/Desktop/PG/Nickel/Infrastructure.pdf > /home/amandine/Desktop/PG/Nickel/pdf.hash

SSH hash cracking

/usr/share/john/ssh2john.py id_rsa.bak > prv.john

ZIP hash cracking

zip2john backup.zip > backup.hash

Rules based password cracking

With John it is possible to use installed rules or custom rules to expand our password wordlists.

This command allows us to list all available password rules in john.conf

cat /etc/john/john.conf|grep "List.Rules:" | cut -d"." -f3 | cut -d":" -f2 | cut -d"]" -f1 | awk NF

This second command is the basic syntax to create a password wordlist using a john rule.

john --wordlist=passwordlist.txt --rules=KoreLogic --stdout > passwordlist-rules.txt

Custom rules

It is possible to add custom rules at the end of the /etc/john/john.conf file. This rule takes each original word from a wordlist and appends a numeric value between 0-9 to the end of the word. Then, it prepends (^) a special character to the beginning of the word.

[List.Rules:THM-Password-Attacks]
Az"[0-9]" ^[!@#$]

We can then apply this rule to a wordlist.
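The Python code below is an added example, not part of the original notes or of John itself. It mirrors what the rule above derives from each word (one symbol from `!@#$` in front, one digit at the end) and reverses that shape so a password-policy check can reject passwords that are a single rule step away from a blocklisted word. The function names and the sample blocklist are constructed for illustration, and the candidate order is not John's.

```python
import itertools

# Character classes taken from the rule: Az"[0-9]" ^[!@#$]
DIGITS = "0123456789"   # appended at the end of the word
SYMBOLS = "!@#$"        # prepended at the start of the word


def expand(word):
    """Return every candidate the rule derives from one word (4 x 10 = 40)."""
    return [s + word + d for s, d in itertools.product(SYMBOLS, DIGITS)]


def base_word(password):
    """Undo the rule: return the inner word if the shape matches, else None."""
    if len(password) >= 3 and password[0] in SYMBOLS and password[-1] in DIGITS:
        return password[1:-1]
    return None


def is_derivable(password, blocklist):
    """True if the password is a blocklisted word or one rule step from one."""
    words = set(blocklist)
    if password in words:
        return True
    inner = base_word(password)
    return inner is not None and inner in words


if __name__ == "__main__":
    # Constructed sample data, not taken from any real wordlist.
    blocklist = ["password", "summer", "welcome"]
    print(len(expand("password")), "candidates per word")
    for candidate in ["@summer7", "summer7", "$welcome0", "T7#kq!vZ2"]:
        verdict = "reject" if is_derivable(candidate, blocklist) else "accept"
        print(candidate, "->", verdict)
```

Each base word yields only 40 variants, so adding a leading symbol and a trailing digit to a common word gives almost no extra protection against rule-based guessing.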

KoreLogic Rules for John

A set of rules created during DEFCON 2010. They can be added to John the Ripper's installed rule lists.
