John: Password Cracking Techniques and Strategies

Explore various password cracking techniques and strategies using John the Ripper. Learn how to crack passwords using incremental mode, specific wordlists, external modes, and target specific hash formats.

Incremental mode (Brute-Force)

/usr/sbin/john --incremental mypasswd.txt 

Using a specific wordlist

/usr/sbin/john --wordlist=customwordlist.txt mypasswd.txt

Using external mode

/usr/sbin/john --external=Wordlist mypasswd.txt

Cracking ZIP files

/usr/sbin/john --format=zip myziphash.txt

Cracking MD5 hashes

/usr/sbin/john --format=raw-md5 mymd5hash.txt

Using a specific cracking strategy

/usr/sbin/john --format=NT myhash.txt --rules=Jumbo

Cracking SSH private keys

/usr/sbin/john --format=ssh mysshkey

Restore a previous session

/usr/sbin/john --restore=sessionname

List available formats

/usr/sbin/john --list=formats

Specify a format for raw MD5 hashes

/usr/sbin/john --format=Raw-MD5 myrawmd5hash.txt

Run John with no log

/usr/sbin/john --nolog mypasswd.txt

Pause and resume a session

To pause:

kill -SIGTERM $(pgrep john)

To resume:

/usr/sbin/john --restore

Check for cracked passwords

/usr/sbin/john --show --format=raw-md5 mymd5hash.txt

Pot file manipulation (example: showing cracked passwords)

cat ~/.john/john.pot

Target a specific CPU core

taskset -c 0 /usr/sbin/john mypasswd.txt