Skip to content

John The Ripper

Brute force

john --incremental=ASCII --max-length=8 --min-length=8 hash1.hash

NTLM

# source
cat ntlm.hash
example_user:f3d841d114629a99542d76eee2d6b378

# run
john --wordlist=pass.all --format=NT ntlm.hash

# result
john --show --format=NT ntlm.hash             
example_user:Pa$sW0rd

DCC2

synonym: MsCacheV2

# source
cat ddc2.hash
example_user:$DCC2$10240#admin#q7i57vcjcmnkbtc4rp3ut43abuj3idoq

# run
john --format=mscash2 --wordlist=mypasswd dcc2.hash

# result
john --show dcc2.hash
example_user:YOUR_PASSWORD

Custom rules

Example of ./john-local.conf

[List.Rules:AppendNum]
$[0-9]
$[0-9]$[0-9]
$[0-9]$[0-9]$[0-9]
$[0-9]$[0-9]$[0-9]$[0-9]
$[0-9]$[0-9]$[0-9]$[0-9]$[0-9]

[List.Rules:AppendLow]
$[a-z]
$[a-z]$[a-z]
$[a-z]$[a-z]$[a-z]
$[a-z]$[a-z]$[a-z]$[a-z]
$[a-z]$[a-z]$[a-z]$[a-z]$[a-z]

Run

john --wordlist=users.pass --rules=AppendLow --format=crypt user.hash