John The Ripper Modes and Configuration – POFTUT

John The Ripper Modes and Configuration

John have a lot of different features and in order to configure these features it provides a lot of configuration options. In this tutorial we will look some of them.

Getting Help

There is two way to get help abut John. One is the simplest way by using -h .

$ john -h 
John the Ripper password cracker, version [linux-x86-64] 
Copyright (c) 1996-2015 by Solar Designer and others 
--single[=SECTION]        "single crack" mode 
--wordlist[=FILE] --stdin wordlist mode, read words from FILE or stdin 
                  --pipe  like --stdin, but bulk reads, and allows rules 
--loopback[=FILE]         like --wordlist, but fetch words from a .pot file 
--dupe-suppression        suppress all dupes in wordlist (and force preload) 
--prince[=FILE]           PRINCE mode, read words from FILE 
--encoding=NAME           input encoding (eg. UTF-8, ISO-8859-1). See also 
                          doc/ENCODING and --list=hidden-options. 
--rules[=SECTION]         enable word mangling rules for wordlist modes 
--incremental[=MODE]      "incremental" mode [using section MODE] 
--mask=MASK               mask mode using MASK 
--markov[=OPTIONS]        "Markov" mode (see doc/MARKOV) 
--external=MODE           external mode or word filter 
--stdout[=LENGTH]         just output candidate passwords [cut at LENGTH] 
--restore[=NAME]          restore an interrupted session [called NAME] 
--session=NAME            give a new session the NAME 
--status[=NAME]           print status of a session [called NAME] 
--make-charset=FILE       make a charset file. It will be overwritten 
--show[=LEFT]             show cracked passwords [if =LEFT, then uncracked] 
--test[=TIME]             run tests and benchmarks for TIME seconds each 
--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) only 
--groups=[-]GID[,..]      load users [not] of this (these) group(s) only 
--shells=[-]SHELL[,..]    load users with[out] this (these) shell(s) only 
--salts=[-]COUNT[:MAX]    load salts with[out] COUNT [to MAX] hashes 
--save-memory=LEVEL       enable memory saving, at LEVEL 1..3 
--node=MIN[-MAX]/TOTAL    this node's number range out of TOTAL count 
--fork=N                  fork N processes 
--pot=NAME                pot file to use 
--list=WHAT               list capabilities, see --list=help or doc/OPTIONS 
--format=NAME             force hash of type NAME. The supported formats can 
                          be seen with --list=formats and --list=subformats

And the other method is by using man page. Man page provides more details.

$ man john

JOHN(8)                                               System Manager's Manual                                              JOHN(8) 
       john - a tool to find weak passwords of your users 
       john [options] password-files


John have 3 different modes to crack passwords.

LEARN MORE  How To Use Psexec Tools To Run Commands and Get Shell Remote Windows Systems?

Wordlist: In this mode john will look a given wordlist to crack passwords.

Single Crack: Int this mode john will try crack login:password files.

Incremental: This is the most powerfull mode, john will try all alphabet to crack also new methods can be created in this mode.

When john started without any Mode parameter is tries Modes sequencially like Single Mode, Word List Mode, Incremental Mode.

We set Mode manually like below. After selected Mode search ends it do not jumps next Mode.

$ john --single  unshadowed
  • –single is the Mode specifier or –si  can be used as abrevation


Configuration file about john can be found in /etc/john/john.conf 

If we look into john.conf we will see there is a lot of configuration like word list, alert, defaults, algorithms, rules.

Local user configuration resides in user home directory with name .john . It is a hidden file where provides john history, configuration,cracked passwords etc.

Here is some configuration about Incremental methods alphanumeric wordlist calculation

File = $JOHN/alnum.chr 
MinLen = 1 
MaxLen = 13 
CharCount = 62

Leave a Comment