JTR CHEAT SHEET Multiple CPU or GPU Wordlists

This cheat sheet presents tips and tricks for using JtR List OpenCL devices and get the device id Sort a wordlist to use with wordlist rule mode
./john --list=opencl-devices $tr A-Z a-z < SOURCE | sort -u > TARGET
JtR Community Edition - Linux List formats supported by OpenCL Use a POT file to generate a new wordlist
Download the JtR Bleeding Jumbo edition with ./john --list=formats -- cut -d: -f2 john.pot | sort -u > pot.dic
format=opencl
improved capabilities and other goodies. Generate candidate passwords for slow hashes.
git clone Multiple GPU's ./john --wordlist= password.lst --stdout
https://github.com/magnumripper/JohnTheR ./john hashes -- --rules:Jumbo | ./unique -mem=25
ipper -b bleeding-jumbo format:<openclformat> --wordlist:<> wordlist.uniq
--rules:<> --dev=0,1 --fork=2
Compile JtR and enable/disable required features Use external mode for complex rules
cd JohnTheRipper/ Multiple CPU's (e.g., 4 cores)
cd src/ ./john hashes --wordlist:<> -- http://www.lanmaster53.com/2011/02/creating-
./configure rules:<> --dev=2 --fork=4 complex-password-lists-with-john-the-ripper/
make clean && make -s
Enable bash completion. add the Rules Generate a wordlist that meets the complexity
following line to your ~/.bashrc --rules:Single specified in the complex filter
. <JtR path>/run/john.bash_completion --rules:Wordlist ./john --wordlist=[path to word list] --stdout --
Cracking Modes --rules:Extra external:[filter name] > [path to output list]
Wordlist Mode (dictionary attack) --rules:Jumbo (all the above) Try sequences of adjacent keys on a keyboard as
./john --wordlist=password.lst hashfile --rules:KoreLogic candidate passwords
Mangling Rules Mode (hybrid) john --external:Keyboard hashfile
--rules:All (all the above)
./john --wordlist=password.lst Configuration Items on John.conf
rules:<rulename> hashfile Incremental Modes (Brute Force)
When using both CPU and GPU set this flag
Incremental mode (Brute Force) --incremental:Lower (26 char)
./john --incremental hashfile
Idle = N
--incremental:Alpha (52 char)
External mode (use a program to generate guesses) --incremental:Digits (10 char) Hidden Options
./john --external: <rulename> hashfile ./john --list=hidden-options
--incremental:Alnum (62 char)
Loopback mode (use POT as wordlist)
Incremental mode with new charsets Display guesses
./john --loopback hashfile ./john --incremental:Alpha -stdout -
Mask mode (read MASK under /doc) Create a new charset based on john.pot session=s1
./john --mask=?1?1?1?1?1?1?1?1 -1=[A-Z] ./john --make-charset=charset.chr
hashfile -min-len=8
Generate guesses with external program
crunch 1 6 abcdefg | ./john hashes -
Hybrid Mask mode Create a new entry in John.conf to accommodate the stdin -session=s1
./john -w=password.lst -
new charset
mask='?l?l?w?l?l' hashfile Session and Restore
Markov mode (Read MARKOV under /doc). ./john hashes -session=name
First generate Markov stats: # Incremental modes
./calc_stat wordlist markovstats [Incremental:charset] ./john --restore:name
Then run: File = $JOHN/charset.chr
./john -markov:200 -max-len:12 hashfile MinLen = 0 Show cracked passwords
--mkv-stats=markovstats MaxLen = 31
CharCount = 95 ./john hashes --pot=<> --show
Prince mode (Read PRINCE under /doc) Resources
./john --prince=wordlist hashfile Run JtR with the new charset
./john --incremental=charset hashfile John-Users Mailing List
Most modes have Maxlen=13 in John.conf but it can
http://www.openwall.com/lists/john-users/
be overwritten with -max-len=N up to 24

Authored by Luis Rocha. This cheat sheet was reviewed by John-Users. Its distributed according to the Creative Commons v3 Attribution License. Youre looking at version 1.0 of this document.
JtR Community Wiki ./john hashes --wordlist=password.lst -- Charset and Conversion Wordlist Rules
rules:Tryout
http://openwall.info/wiki/john #shift case: "Crack96" -> "cRACK(^"
Documentation under doc folder Simple Wordlist Rules S
Matt Weir Blog #lowercase the first character, and uppercase the #lowercase vowels, uppercase consonants: "Crack96"
http://reusablesec.blogspot.ch/ rest -> "CRaCK96"
C V
Simple Rule in John.conf #toggle case of all characters in the word #shift each character right, by keyboard: "Crack96" ->
[List.Rules:Tryout] t
l "Vtsvl07"
u #toggle case of the character in position N R
c TN
l r #shift each character left, by keyboard: "Crack96" ->
l Az"2015" #reverse: "Fred" -> "derF" "Xeaxj85"
d r L
l A0"2015"
A0"#"Az"#" #duplicate: "Fred" -> "FredFred" Length control
d
Details #reject the word unless it is less than N characters
#reflect: "Fred" -> "FredderF" long
# convert to lowercase f <N
l
#rotate the word left: "jsmith" -> "smithj" #reject the word unless it is greater than N characters
# convert to uppercase {
u long
#rotate the word right: "smithj" -> "jsmith" >N
#capitalize }
c #truncate the word at length N
#append character X to the word 'N
#lowercase the word and reverse it (palindrome) $X
l r Dictionaries
#prefix the word with character X
#lowercase the word and append at end of the word ^X Generate wordlists from Wikipedia pages: wget
https://raw.githubusercontent.com/zombie
(Az) the number 2015 Insert and Delete Wordlist Rules sam/wikigen/master/wwg.py
l Az"2015"
#Remove the first char from the word python wwg.py -u
# duplicate [ http://pt.wikipedia.org/wiki/Fernando_Pe
d ssoa -t 5 -o fernandopessoa -m3
#Remove the last char from the word
# lowercase the word and prepend at beggining of ] Generate wordlists from Aspell Dicts
the word (A0) the number 2015 aspell dump dicts
l A0"2015" #delete the character in position N
sudo apt-get install aspell-es
DN
Add # to the beginning and end of the word aspell -d es dump master | aspell -l es
A0"#"Az"#" #extract substring from position N for up to M expand | awk 1 RS=" |\n" > Spanish.dic
Use the Wordlist Rule characters Resources
xNM
Display the password candidates generated with the Full Rules Documentation
mangling rule #insert character X in position N and shift the rest http://www.openwall.com/john/doc/RULES.s
./john --wordlist=password.lst --stdout right html
--rules:Tryout iNX Password Analysis and Cracking Kit
Generate password candidates max length of 8 https://thesprawl.org/projects/pack/
#overstrike character in position N with character X
./john --wordlist=password.lst -- Mangling Rules Generation by Simon Marechal
stdout=8 --rules:Tryout oNX
http://www.openwall.com/presentations/Pa
sswords12-Mangling-Rules-Generation/

Authored by Luis Rocha. This cheat sheet was reviewed by John-Users. Its distributed according to the Creative Commons v3 Attribution License. Youre looking at version 1.1 of this document.