John the Ripper

Fast password cracking tool supporting many hash formats

Methods10 commands

#password#cracking#hash#bruteforce

Installation

1Install via package manager

2Or build from source

3Verify installation

# Debian/Ubuntu
apt install john

# Verify
john --version

Basic Usage

Crack password hashes using wordlists, rules, and brute force

# Basic cracking
john hash.txt

# Wordlist attack
john --wordlist=rockyou.txt hash.txt

# Show cracked passwords
john --show hash.txt

Command Reference

10 commands

1Use wordlist for dictionary attack

--wordlist

2Apply word mangling rules

--rules

3Brute force incremental mode

--incremental

4Specify hash format

--format

5Show cracked passwords

--show

6Session name for resuming

--session

7Restore interrupted session

--restore

8Pot file to use

--pot

9Number of parallel processes

--fork

10Print words to stdout

--stdout

When to Use

Password cracking from captured hashes

Hash type analysis and identification

CTF challenges requiring hash cracking

Auditing password policy strength

Penetration testing post-exploitation

Notes & Tips

Use --wordlist for dictionary attacks with common passwords

Use --incremental for brute force on short passwords

GPU support available with john --devices for faster cracking

Common Errors & Solutions

No hashes loaded

Verify hash format and use --format flag

Wrong format

Check if hashes are in valid format for John

Too slow

Use --fork for multiprocessing or enable GPU

John the Ripper

Fast password cracking tool supporting many hash formats

Methods10 commands

#password#cracking#hash#bruteforce

Installation

1Install via package manager

2Or build from source

3Verify installation

# Debian/Ubuntu
apt install john

# Verify
john --version

Basic Usage

Crack password hashes using wordlists, rules, and brute force

# Basic cracking
john hash.txt

# Wordlist attack
john --wordlist=rockyou.txt hash.txt

# Show cracked passwords
john --show hash.txt

Command Reference

10 commands

1Use wordlist for dictionary attack

--wordlist

2Apply word mangling rules

--rules

3Brute force incremental mode

--incremental

4Specify hash format

--format

5Show cracked passwords

--show

6Session name for resuming

--session

7Restore interrupted session

--restore

8Pot file to use

--pot

9Number of parallel processes

--fork

10Print words to stdout

--stdout

When to Use

Password cracking from captured hashes

Hash type analysis and identification

CTF challenges requiring hash cracking

Auditing password policy strength

Penetration testing post-exploitation

Notes & Tips

Use --wordlist for dictionary attacks with common passwords

Use --incremental for brute force on short passwords

GPU support available with john --devices for faster cracking

Common Errors & Solutions

No hashes loaded

Verify hash format and use --format flag

Wrong format

Check if hashes are in valid format for John

Too slow

Use --fork for multiprocessing or enable GPU